soutenir.vaincrelamuco.org Open in urlscan Pro
2600:9000:266e:5400:1:55b:3f00:93a1  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://soutenir.vaincrelamuco.org/ HTTP 301
   https://soutenir.vaincrelamuco.org/ HTTP 303
   https://soutenir.vaincrelamuco.org/don/?lang=fr_FR&_cv=1 HTTP 303
   https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

• https://10134604.fls.doubleclick.net/activityi;src=10134604;type=invmedia;cat=vlm_r0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1353764223118.8984 HTTP 302
• https://10134604.fls.doubleclick.net/activityi;dc_pre=COqvucOIuIQDFQ9XHgIdDacE9A;src=10134604;type=invmedia;cat=vlm_r0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1353764223118.8984

Request Chain 52

• https://10134604.fls.doubleclick.net/activityi;src=10134604;type=invmedia;cat=flood0;ord=1;num=8896949970536;npa=0;auiddc=1688865869.1708368480;pscdl=noapi;gtm=45He42e0v77820236za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1 HTTP 302
• https://10134604.fls.doubleclick.net/activityi;dc_pre=CNyMu8OIuIQDFaRSHgId-MIAhA;src=10134604;type=invmedia;cat=flood0;ord=1;num=8896949970536;npa=0;auiddc=1688865869.1708368480;pscdl=noapi;gtm=45He42e0v77820236za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1

Request Chain 123

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944571482/?random=1377280529&cv=11&fst=1708368480591&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&label=xhjTCOLIsoAYENqItMID&hn=www.googleadservices.com&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1688865869.1708368480&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=YKLTZeiMKKe9hcIPoeux2Ak&sscte=1&crd=COy7sQI&eitems=ChAIgJXMrgYQqeLk35-K7fsBEh0AodEqn9x2f_0GtS15UN9kznyeUi-76NoD2xg_fQ&pscrd=Ek9DaEVJZ0pYTXJnWVFpOXVEMU9ucjFvV2lBUkltQUFmT29LendGczVzRXo3Ri1pVjhESFRSSDRYeFpxMl80djNSSlVHX3YxcUhBSE9mN2tFGlhDaEFJZ0pYTXJnWVFvT2ljdUwtbi1PQjJFaTRBY0t6ajNnR25zRGdUVEd4Rzk1TjNGRWo2QTdYd2JNM3REN3hvQ1ZDbnk1cndGRncxWkhETHNvbHFncHFBIhMI6Ly9w4i4hAMVp15BAh2hdQybMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg HTTP 302
• https://www.google.com/pagead/1p-conversion/944571482/?random=1377280529&cv=11&fst=1708368480591&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&label=xhjTCOLIsoAYENqItMID&hn=www.googleadservices.com&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1688865869.1708368480&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=Ek9DaEVJZ0pYTXJnWVFpOXVEMU9ucjFvV2lBUkltQUFmT29LendGczVzRXo3Ri1pVjhESFRSSDRYeFpxMl80djNSSlVHX3YxcUhBSE9mN2tFGlhDaEFJZ0pYTXJnWVFvT2ljdUwtbi1PQjJFaTRBY0t6ajNnR25zRGdUVEd4Rzk1TjNGRWo2QTdYd2JNM3REN3hvQ1ZDbnk1cndGRncxWkhETHNvbHFncHFBIhMI6Ly9w4i4hAMVp15BAh2hdQybMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=YKLTZeiMKKe9hcIPoeux2Ak&cid=CAQSKQAvHhf_rI8D4zSmMqLUighS5erBdsqG0PPrVosTELiy5z7n9VQ5TzjA&eitems=ChAIgJXMrgYQqeLk35-K7fsBEh0AodEqn0gb9pWaH0KyqT4DxH8Lmm_UDY_ByOdQzA&random=58714965 HTTP 302
• https://www.google.de/pagead/1p-conversion/944571482/?random=1377280529&cv=11&fst=1708368480591&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&label=xhjTCOLIsoAYENqItMID&hn=www.googleadservices.com&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1688865869.1708368480&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=Ek9DaEVJZ0pYTXJnWVFpOXVEMU9ucjFvV2lBUkltQUFmT29LendGczVzRXo3Ri1pVjhESFRSSDRYeFpxMl80djNSSlVHX3YxcUhBSE9mN2tFGlhDaEFJZ0pYTXJnWVFvT2ljdUwtbi1PQjJFaTRBY0t6ajNnR25zRGdUVEd4Rzk1TjNGRWo2QTdYd2JNM3REN3hvQ1ZDbnk1cndGRncxWkhETHNvbHFncHFBIhMI6Ly9w4i4hAMVp15BAh2hdQybMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=YKLTZeiMKKe9hcIPoeux2Ak&cid=CAQSKQAvHhf_rI8D4zSmMqLUighS5erBdsqG0PPrVosTELiy5z7n9VQ5TzjA&eitems=ChAIgJXMrgYQqeLk35-K7fsBEh0AodEqn0gb9pWaH0KyqT4DxH8Lmm_UDY_ByOdQzA&random=58714965&ipr=y

Request Chain 222

• https://insight.adsrvr.org/track/up?adv=7r3i200&ref=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&upid=s5nj3b5&upv=1.1.0 HTTP 302
• https://match.adsrvr.org/track/upb/?adv=7r3i200&ref=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&upid=s5nj3b5&upv=1.1.0

Request Chain 238

• https://s.adroll.com/j/pre/F736O2VEFJBHXO46DQ7G4W/MC3B6OKCHREPNBHZWN27T2/fpconsent.js HTTP 302
• https://s.adroll.com/j/pre/index.js

Request Chain 253

• https://d.adroll.com/pixel/F736O2VEFJBHXO46DQ7G4W/MC3B6OKCHREPNBHZWN27T2?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&cookie=&adroll_s_ref=&keyw=&p0=2193 HTTP 302
• https://s.adroll.com/pixel/F736O2VEFJBHXO46DQ7G4W/MC3B6OKCHREPNBHZWN27T2/FM5THSBY4ZFUBIXLUZAWG3.js

Request Chain 264

• https://d.adroll.com/cm/b/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=F736O2VEFJBHXO46DQ7G4W HTTP 302
• https://x.bidswitch.net/sync?dsp_id=44&user_id=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk

Request Chain 265

• https://d.adroll.com/cm/g/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=F736O2VEFJBHXO46DQ7G4W HTTP 302
• https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=aCDSDglg1QZuol_3A1YASQ HTTP 302
• https://d.adroll.com/cm/g/in

Request Chain 266

• https://d.adroll.com/cm/index/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=F736O2VEFJBHXO46DQ7G4W HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&expiration=1739904482 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&expiration=1739904482&C=1

Request Chain 268

• https://d.adroll.com/cm/n/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=F736O2VEFJBHXO46DQ7G4W HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&expires=365

Request Chain 269

• https://d.adroll.com/cm/o/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=F736O2VEFJBHXO46DQ7G4W HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537103138&val=6820d20e0960d5066ea25ff703560049&gdpr=1&gdpr_consent=

Request Chain 270

• https://d.adroll.com/cm/outbrain/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=F736O2VEFJBHXO46DQ7G4W HTTP 302
• https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&gdpr=1&gdpr_consent=&us_privacy=1---

Request Chain 271

• https://d.adroll.com/cm/pubmatic/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=F736O2VEFJBHXO46DQ7G4W HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 272

• https://d.adroll.com/cm/r/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=F736O2VEFJBHXO46DQ7G4W HTTP 302
• https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 273

• https://d.adroll.com/cm/taboola/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=F736O2VEFJBHXO46DQ7G4W HTTP 302
• https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk

Request Chain 274

• https://d.adroll.com/cm/triplelift/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=F736O2VEFJBHXO46DQ7G4W HTTP 302
• https://eb2.3lift.com/xuid?mid=4714&xuid=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&dongle=c85e

Request Chain 275

• https://d.adroll.com/cm/x/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=F736O2VEFJBHXO46DQ7G4W HTTP 302
• https://ib.adnxs.com/setuid?entity=172&code=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk

279 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request ~mon-don Show response soutenir.vaincrelamuco.org/don/ Redirect Chain http://soutenir.vaincrelamuco.org/ https://soutenir.vaincrelamuco.org/ https://soutenir.vaincrelamuco.org/don/?lang=fr_FR&_cv=1 https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1	182 KB 183 KB	424ms 423ms	Document text/html	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 04f56a1d298407a7052733c897d8ac3beca05f540b304e8425782d4852604c55 Security Headers Name Value X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control public, max-age=300, s-maxage=300 content-type text/html;charset=UTF-8 date Mon, 19 Feb 2024 18:47:59 GMT expires Thu, 19 Nov 1981 08:52:00 GMT server nginx via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) x-amz-cf-id 3wFENWiMy3Jra1eP9uGCBxium5_p5tt6Pd0bNsULrd3WnsBAoQdZ5g== x-amz-cf-pop FRA56-P8 x-cache Miss from cloudfront x-xss-protection 1 Redirect headers cache-control public, max-age=300, s-maxage=300 content-type text/html; charset=UTF-8 date Mon, 19 Feb 2024 18:47:59 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location /don/~mon-don?_cv=1 server nginx via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) x-amz-cf-id M3lWNvze4-vW3KL_dGX87RGfWkHjQnqTfZ0yb5OFargqnbGFTSXjGQ== x-amz-cf-pop FRA56-P8 x-cache Miss from cloudfront x-xss-protection 1
GET H2	200	style_v2.css soutenir.vaincrelamuco.org/themes/default/css/	18 KB 5 KB	25ms 23ms	Stylesheet text/css	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/css/style_v2.css?hash=f8b6806de2accedfb5c1d726ef192c66 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 673d03b765dcef0e825dc7fcad4ae44f80c6c1adb7cff6dc4e6ad74257ea8738 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag W/"65a78142-470e" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id CVhxKdnAM9gg_3o1Pqj9_-7mBd8TssvcI0glj__ooSsyvUB5HyA2hg==
GET H2	200	jquery-1.11.2.min.js Show response soutenir.vaincrelamuco.org/themes/default/js/	94 KB 33 KB	40ms 38ms	Script application/javascript	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/js/jquery-1.11.2.min.js?hash=5790ead7ad3ba27397aedfa3d263b867 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag W/"65a78142-176bb" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id vfqHSveL378Jic4Hho400X03QJHk3h9N6q3qbgdccF_mjtoDACoCOQ==
GET H2	200	jquery.cookie-1.0.min.js Show response soutenir.vaincrelamuco.org/themes/default/js/	994 B 1 KB	27ms 25ms	Script application/javascript	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/js/jquery.cookie-1.0.min.js?hash=6f6ed3cd5486dbf3bb9143eea287a6a5 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 64e56836e083250c795d6fc4fd222f30841bb90de0dcef675bb81c44d2f96e12 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag "65a78142-3e2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 994 x-amz-cf-id jSto4FA_jnSnzWubGf7BSXcEEyEsJAaM2-Rp49F5HIDqlpNMBSz1TQ==
GET H2	200	dnterrors.min.js Show response soutenir.vaincrelamuco.org/themes/default/js/	2 KB 1021 B	27ms 26ms	Script application/javascript	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/js/dnterrors.min.js?hash=af6b6c3691e205792b5ad49d7fa92b5a Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 798f3e092c9e422898fc4dcece039d57a328e2edab87e7e7c8d9a339aadc6727 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag W/"65a78142-6e2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id gt2QSl79k1CHYc_O18UbOKUgMBDjXhIglFj35_pcPiJ314_eJeE2MA==
GET H2	200	step1.min.js Show response soutenir.vaincrelamuco.org/themes/default/js/	18 KB 5 KB	29ms 28ms	Script application/javascript	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/js/step1.min.js?hash=6534d199fabc7fba19ee53393e987898 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 72ac5130fcbc63d83f340ac747825a7d7dba7f80672ca7c2ffaac71b6cc3739e Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag W/"65a78142-479b" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id yy-vRGl5mJ9t7m8obdCBbGfknKzHWrD3Ie12qrjCO0rdvmY3mPFTrA==
GET H2	200	step2.min.js Show response soutenir.vaincrelamuco.org/themes/default/js/	6 KB 2 KB	30ms 29ms	Script application/javascript	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/js/step2.min.js?hash=143f4a6556a7fa9d084322263deca9ac Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 7ee5c3c69ae8c44336707ca09d59ad98d5b44bd63a91c21bda4083aacfa9df72 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag W/"65a78142-1810" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id r-Z39V6n8mUnR_jBDw-oNSzkD7r4ifKj15u4Q-nj4h64K_d2jfJ3HQ==
GET H2	200	step3.min.js Show response soutenir.vaincrelamuco.org/themes/default/js/	7 KB 2 KB	46ms 45ms	Script application/javascript	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/js/step3.min.js?hash=1cbc70ae6688f4df94453feb30066dcd Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 202178ee6a1a67355b7d98d6a60353221bdd167c3e397f60babd979af4ddf960 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag W/"65a78142-1cb7" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id x4JO8b0_ajHBQ5kcshXp7Pq-m5x4SQGOIN5F50GyWt2v1-OaDcen6A==
GET H2	200	steps.min.js Show response soutenir.vaincrelamuco.org/themes/default/js/	4 KB 2 KB	30ms 29ms	Script application/javascript	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/js/steps.min.js?hash=089e9a2bbf1abefee35295f270d54724 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 8dadae55c0f6f1b0632f1af8ff8aafef9f78bb0e9839657423ba6724657c0a7b Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag W/"65a78142-10c7" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id G-7yLwfMmlE92VnjsDp-9LVGOM-ILlIDeYyp7S-pxK6RSeFxNAodYQ==
GET H2	200	jquery.ir-priceinput.min.js Show response soutenir.vaincrelamuco.org/themes/default/js/	428 B 762 B	31ms 30ms	Script application/javascript	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/js/jquery.ir-priceinput.min.js?hash=07482ff72021c2c53278074abe52347f Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash fb3dab6d97df8490b2eed9a51459e8ed4583057083f714008f1c796b368ffded Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag "65a78142-1ac" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 428 x-amz-cf-id LcbE1yrt-yk2j6TesBYwM82E4xkqJJ58NikD5XeEUEZeD3VOGI49TA==
GET H2	200	common.min.js Show response soutenir.vaincrelamuco.org/themes/default/js/	19 KB 6 KB	32ms 31ms	Script application/javascript	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/js/common.min.js?hash=735ca2972601f178d969b82d337f5070 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash ce56f39a169bd088621fb5a3ed2f085048d75d09d543559b1e3e5e43d5d0168f Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag W/"65a78142-4bb8" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id yjzt7AhiTNOeJa3Pd28r_rtSxLI59-kRTRjDrGiu8fj705ivI1w9Kg==
GET H2	200	reset-fonts.css soutenir.vaincrelamuco.org/themes/default/css/core/	1 KB 930 B	25ms 24ms	Stylesheet text/css	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/css/core/reset-fonts.css Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/themes/default/css/style_v2.css?hash=f8b6806de2accedfb5c1d726ef192c66 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash c40e247365d8a712662ee4991f0a78a379be4dc429f8a85dba0a27e7764410e9 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/themes/default/css/style_v2.css?hash=f8b6806de2accedfb5c1d726ef192c66 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag W/"65a78142-417" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id lqaBhhL-y2SPDaBX_jU6c727HnCyYB98UTZbRN2zyM3P2FoomS0hNg==
GET H2	200	grids.css soutenir.vaincrelamuco.org/themes/default/css/core/	498 B 822 B	26ms 25ms	Stylesheet text/css	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/css/core/grids.css Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/themes/default/css/style_v2.css?hash=f8b6806de2accedfb5c1d726ef192c66 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 1306483c1bea5b5c8b2c56d7ce711ef794860241a74f27bb20bb99ac04bb9ca0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/themes/default/css/style_v2.css?hash=f8b6806de2accedfb5c1d726ef192c66 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag "65a78142-1f2" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css accept-ranges bytes content-length 498 x-amz-cf-id O-CRtmQONpUpcns6HAV-pmFtNPs6nDL4ElPJGtcGXLaXK5bPHqVstQ==
GET H2	200	grids-mqueries_v2.css soutenir.vaincrelamuco.org/themes/default/css/core/	5 KB 1 KB	27ms 27ms	Stylesheet text/css	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/css/core/grids-mqueries_v2.css Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/themes/default/css/style_v2.css?hash=f8b6806de2accedfb5c1d726ef192c66 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 1d6d9e026c3e3271569129f404d097c232122f9c2728ae25357561ca6a63b4f6 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/themes/default/css/style_v2.css?hash=f8b6806de2accedfb5c1d726ef192c66 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag W/"65a78142-1261" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id 33ivbPNRIJwDky0NVULERnQ-3sxrP7ngVuaR9f3yBqjDGjHeD7Ha_A==
GET H2	200	arya.js Show response soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/	131 KB 39 KB	32ms 31ms	Script application/javascript	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.js?v=23103 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 6aee60d3b5d9554f6b0c43d3c282b9ebddaee729acc89049fedd5df135d975dc Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:26:04 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag W/"65a78142-20aae" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id sNTcqEquiX7FxkHQS86onhKcz2pbItD_7GECPkr9x1DeG2cLQusFEg==
GET H2	200	arya.css soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/	275 KB 42 KB	25ms 23ms	Stylesheet text/css	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 6926693251a82c501437afec564b8b7a25125da83b7baa3fda279a4ea0343451 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2701 etag W/"65a78142-44d7f" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id kIU80Hy77Ta0S1SRKj-Smiv20XtvsCfwuWdDfmBHom3yHn2txmkT0g==
GET H2	200	118.png soutenir.vaincrelamuco.org/cdn.iraiser.eu/M0SLDfEGp6j4PQ1gMNcssg==/default/origin/	10 KB 11 KB	30ms 28ms	Image image/png	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://soutenir.vaincrelamuco.org/cdn.iraiser.eu/M0SLDfEGp6j4PQ1gMNcssg==/default/origin/118.png Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 694af51a27d174404c9d561fcb5d69a6de2061bfcbdc3e4fab54ebe207f16d7a Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT via 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront), 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) server nginx x-amz-cf-pop FRA6-C1, FRA56-P8 age 2701 x-cache Hit from cloudfront content-type image/png cache-control max-age=315360000, public accept-ranges bytes content-length 10744 x-amz-cf-id yg2Xs9tMcFsmmQnEtogNDr1Ux_MSvW5TwE95xwbbNQNmDMlv_8-G7g== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	Designsanstitre7.png cdn.iraiser.eu/M0SLDfEGp6j4PQ1gMNcssg==/default/origin/	40 KB 40 KB	122ms 27ms	Image image/png	2600:9000:2057:b200:1:5c0e:9a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.iraiser.eu/M0SLDfEGp6j4PQ1gMNcssg==/default/origin/Designsanstitre7.png Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:b200:1:5c0e:9a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 2ab9a02728ea5eabe83a74778aa4bf3ece47aa732a6618f1f3af4fcb4063f2c4 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT via 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront) server nginx x-amz-cf-pop FRA6-C1 age 2701 x-cache Hit from cloudfront content-type image/png cache-control max-age=315360000, public accept-ranges bytes content-length 40638 x-amz-cf-id hMaGvgLKifZxwjgqM2pbu2oHpSi7jNPO1eURTtG1HCy9_3dFfz3ZbQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	logo-security-fr.png soutenir.vaincrelamuco.org/medias/app/	943 B 1 KB	110ms 110ms	Image image/png	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://soutenir.vaincrelamuco.org/medias/app/logo-security-fr.png Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash ac95b55a9b1451ed82ec3c2134d04ed432c0f3719c02961abe8164831348714f Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma public date Mon, 19 Feb 2024 18:47:59 GMT via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 12 Nov 2014 11:04:53 GMT server nginx x-amz-cf-pop FRA56-P8 etag "54633ed5-3af" x-cache Miss from cloudfront content-type image/png cache-control max-age=86400, public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 943 x-amz-cf-id tFlh4DhuqvOB0NK4lDef6F2JOgK6uq3JLgoEuzIEjLfhoazKOE4iXg== expires Tue, 20 Feb 2024 18:47:59 GMT
GET H2	200	Sanstitre13.png soutenir.vaincrelamuco.org/cdn.iraiser.eu/M0SLDfEGp6j4PQ1gMNcssg==/default/origin/	418 KB 419 KB	21ms 21ms	Image image/png	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://soutenir.vaincrelamuco.org/cdn.iraiser.eu/M0SLDfEGp6j4PQ1gMNcssg==/default/origin/Sanstitre13.png Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 5860d787913f8b004e03356908b0daf1f1a53025e1fd1ee45ff3bac63a1f085b Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:02:58 GMT via 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront), 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) server nginx x-amz-cf-pop FRA6-C1, FRA56-P8 age 2701 x-cache Hit from cloudfront content-type image/png cache-control max-age=315360000, public accept-ranges bytes content-length 428213 x-amz-cf-id KFp0dchYh-wYCPj71SyvFEMRhuwWE1Z5g049L829dSCu7AO4WSxtXA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	vtv1ovq.css use.typekit.net/	9 KB 1 KB	548ms 481ms	Stylesheet text/css	2a02:26f0:480:f::213:7ee1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/vtv1ovq.css Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 0faae2c5d233fb943eadb755dd734c16eef7be7e8ab6a5d3b43a1a6c555d1423 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Mon, 19 Feb 2024 18:48:00 GMT server nginx vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 1070
GET H2	200	logo-security-fr.png soutenir.vaincrelamuco.org/medias/app/	943 B 1 KB	102ms 102ms	Image image/png	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://soutenir.vaincrelamuco.org/medias/app/logo-security-fr.png Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash ac95b55a9b1451ed82ec3c2134d04ed432c0f3719c02961abe8164831348714f Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma public date Mon, 19 Feb 2024 18:47:59 GMT via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 12 Nov 2014 11:04:53 GMT server nginx x-amz-cf-pop FRA56-P8 etag "54633ed5-3af" x-cache Miss from cloudfront content-type image/png cache-control max-age=86400, public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 943 x-amz-cf-id H4aJzjWnm5UswpABW18dsC1Wq_VXqYO6TA2indA643KVC6R-npcKZQ== expires Tue, 20 Feb 2024 18:47:59 GMT
GET H2	200	powered-by-iraiser.png soutenir.vaincrelamuco.org/libs.iraiser.eu/design/powered-by/v1/	2 KB 2 KB	21ms 20ms	Image image/png	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://soutenir.vaincrelamuco.org/libs.iraiser.eu/design/powered-by/v1/powered-by-iraiser.png Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 27f4af2dd922b70eb219d7ab51ca7f6b0eedb7664bc9c077b62b5859aaa93cdb Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:12:58 GMT via 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront), 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) server nginx x-amz-cf-pop FRA56-P4, FRA56-P8 age 2101 x-cache Hit from cloudfront content-type image/png access-control-allow-origin https://js.stripe.com cache-control max-age=315360000, public accept-ranges bytes content-length 1780 x-amz-cf-id Om_4kJxfZ7OBCcxqN4PtiAyUtrKlESQKC7nXszY9s98Ie0f1yq0_OA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	202 KB 74 KB	85ms 38ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-942555343 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6981f1201d9be0bf7f1726b57514cc90ee1b41d5d9240ec39f49d48f9fc3c42a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:47:59 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 75151 x-xss-protection 0 last-modified Mon, 19 Feb 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 19 Feb 2024 18:47:59 GMT
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	74ms 32ms	Script application/javascript	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 19 Feb 2024 18:47:59 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 jEXNH7qItSS8Y+G7eM2k2w== age 58470 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6841 x-ms-lease-status unlocked last-modified Thu, 15 Feb 2024 13:37:40 GMT server cloudflare etag 0x8DC2E2B4831946D vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 72f63dc2-c01e-001f-734e-618a87000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8580ae77b8ae65a4-FRA
GET H2	200	p.css p.typekit.net/	5 B 172 B	99ms 29ms	Stylesheet text/css	2a02:26f0:780::210:a469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=vtv1ovq&ht=tk&f=139.140.175.176.143.144.147.148.156.157.161.162&a=84626202&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/vtv1ovq.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:780::210:a469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers accept-language de-DE,de;q=0.9 Referer https://use.typekit.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:00 GMT last-modified Fri, 23 Jun 2023 17:09:47 GMT server nginx etag "6495d1db-5" content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
GET H2	200	/ Show response js.stripe.com/v3/	600 KB 147 KB	109ms 29ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 19f0b3851ea9da3cd85d19ba83385ee4c22972a8c349eecb759e7f5237452660 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:47:35 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 25 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:46:58 GMT server Cloudfront etag W/"98275c137f67e5b8b0f15985447df88d" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id 2LdI-gb-VGcv-NICrhxIILpjWckqTcTjNzy4MYWbAU9K1XlLDEhegg==
GET H2	200	gtm.js Show response www.googletagmanager.com/	306 KB 100 KB	39ms 39ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MKZHMPZ Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 14f4a03557cd8b8ce637adca33c26cd44a23650f8c78016c505173d86e64b208 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 102588 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 19 Feb 2024 18:48:00 GMT
GET H2	200	error.css monitoring.iraiser.eu/	8 B 276 B	168ms 69ms	Stylesheet text/css	2600:9000:2090:1200:5:e00c:b700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://monitoring.iraiser.eu/error.css?z=0.7206799399523061&cid=soutenir.vaincrelamuco.org%2F3238817929.1708368479&t=event&ec=JSError&ev=1&ea=%2FMUCO%2Fb%3Asteps%2Fcid%3D1%2Finline&el=Uncaught%20SyntaxError%3A%20Unexpected%20string%3B%20Stack%3A%20SyntaxError%3A%20Unexpected%20string.%20%3E%20inline%3A2673%3A30 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2090:1200:5:e00c:b700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash f04d6f4e31655290294a18aff5e6d9174a2990f5550f1939f59c41f8cb451073 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:00 GMT via 1.1 1bdf441282a54ae942606c92014c38d4.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop AMS58-P1 age 35297 x-cache Miss from cloudfront content-type text/css access-control-allow-origin * content-length 8 x-amz-cf-id -gN_n_bkzpJQH02nPttkcVUC0TbURU8sW0Q5ZJFXlgmCdzqBF4lzDA==
GET H2	200	error.css monitoring.iraiser.eu/v2/	18 B 289 B	340ms 240ms	Stylesheet text/css	2600:9000:2090:1200:5:e00c:b700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://monitoring.iraiser.eu/v2/error.css?z=0.7206799399523061&cid=3238817929.1708368479&t=event&ec=JSError&ev=1&ea=%2FMUCO%2Fb%3Asteps%2Fcid%3D1%2Finline&el=Uncaught%20SyntaxError%3A%20Unexpected%20string%3B%20Stack%3A%20SyntaxError%3A%20Unexpected%20string.%20%3E%20inline%3A2673%3A30&sid=1708368479 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2090:1200:5:e00c:b700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash b9382ee6a46c4f58889a2be378fb7c6e20311519fa245bd97add4c63dd5a2446 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:00 GMT via 1.1 1bdf441282a54ae942606c92014c38d4.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop AMS58-P1 x-cache LambdaGeneratedResponse from cloudfront content-type text/css access-control-allow-origin content-length 18 x-amz-cf-id GQ1zKHfh8UDqD2CcsbO8wb2SkBJeEH-19_AEkoXpPozkmmSAkCx-2Q==
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	157ms 49ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Mon, 19 Feb 2024 18:48:00 GMT last-modified Fri, 10 Nov 2023 20:09:55 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 723AD07C8BA2418AABC765138D951290 Ref B: DUS30EDGE0418 Ref C: 2024-02-19T18:48:00Z etag "80abcdf1114da1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13175
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	214 KB 58 KB	64ms 21ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers permissions-policy-report-only clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 19 Feb 2024 18:48:00 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57257 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" pragma public x-fb-debug 1KdHeeBCYm4hZPQePOesWDsmC+OB7qXgC3ERd59MSFdTeTWKbeImyyJSK5ffPjGgi9Rm/1HZP6xMYVTfc/W+qw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 x-fb-optimizer 0 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	activityi;dc_pre=COqvucOIuIQDFQ9XHgIdDacE9A;src=10134604;type=invmedia;cat=vlm_r0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D... Show response 10134604.fls.doubleclick.net/ Frame 5925 Redirect Chain https://10134604.fls.doubleclick.net/activityi;src=10134604;type=invmedia;cat=vlm_r0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755... https://10134604.fls.doubleclick.net/activityi;dc_pre=COqvucOIuIQDFQ9XHgIdDacE9A;src=10134604;type=invmedia;cat=vlm_r0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D...	2 KB 1 KB	67ms 66ms	Document text/html	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://10134604.fls.doubleclick.net/activityi;dc_pre=COqvucOIuIQDFQ9XHgIdDacE9A;src=10134604;type=invmedia;cat=vlm_r0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1353764223118.8984? Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software cafe / Resource Hash 553fa9eb1f649672930f1c746333c18ad8f9b5d6a6dbcc4d02bd2c895e4ccd09 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://soutenir.vaincrelamuco.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 904 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 19 Feb 2024 18:48:00 GMT expires Mon, 19 Feb 2024 18:48:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 19 Feb 2024 18:48:00 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://10134604.fls.doubleclick.net/activityi;dc_pre=COqvucOIuIQDFQ9XHgIdDacE9A;src=10134604;type=invmedia;cat=vlm_r0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1353764223118.8984? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	quant.js Show response secure.quantserve.com/	23 KB 9 KB	62ms 20ms	Script application/javascript	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:00 GMT content-encoding gzip etag "bvEECQq4Zy6gU9J/qv1O6Q==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Mon, 26 Feb 2024 18:48:00 GMT
GET H2	200	58469545-63b4-4612-8357-1916861367c1.json Show response cdn.cookielaw.org/consent/58469545-63b4-4612-8357-1916861367c1/	4 KB 2 KB	115ms 74ms	XHR application/x-javascript	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/58469545-63b4-4612-8357-1916861367c1/58469545-63b4-4612-8357-1916861367c1.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdcbf6f0d7f8810c653ec957215e6fbccd93e9abd4563e389101207de4424025 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 19 Feb 2024 18:48:00 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 Y4g+HAqZo3JEFqfGXO8zAw== content-length 1658 x-ms-lease-status unlocked last-modified Wed, 24 Jan 2024 16:11:28 GMT server cloudflare etag 0x8DC1CF71F0C6CD1 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id a7a4b5aa-f01e-0082-654f-61783d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8580ae7b3853bb65-FRA expires Tue, 20 Feb 2024 18:48:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/942555343/	3 KB 2 KB	109ms 59ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942555343/?random=1708368480477&cv=11&fst=1708368480477&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&hn=www.googleadservices.com&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&npa=0&pscdl=noapi&auid=1688865869.1708368480&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-942555343 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7d2ff11646983c9e594a9b3e1c0fe40e90df0fecf1ae778b44f4db55eba8a927 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1324 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	check.css monitoring.iraiser.eu/	8 B 276 B	152ms 72ms	Stylesheet text/css	2600:9000:2090:1200:5:e00c:b700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://monitoring.iraiser.eu/check.css?z=0.6766898173177638&cid=soutenir.vaincrelamuco.org%2F3238817929.1708368479&dl=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2FMUCO%2Fb%3Asteps%2Fcid%3D1&sc=start&dr=https%3A%2F%2Fsoutenir.vaincrelamuco.org&cd=2024-02-19%3A19.47.59-65d3a25f5976c&dt=soutenir.vaincrelamuco.org%2Fdonations&ul=fr-FR&ds=web Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2090:1200:5:e00c:b700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash f04d6f4e31655290294a18aff5e6d9174a2990f5550f1939f59c41f8cb451073 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:00 GMT via 1.1 1bdf441282a54ae942606c92014c38d4.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop AMS58-P1 age 81777 x-cache Miss from cloudfront content-type text/css access-control-allow-origin * content-length 8 x-amz-cf-id BYgK80IJq0kMESQxwJ7lSFjevHO8nWBHsFhG1mejpFmelxbHIB03Tw==
GET H2	200	check.css monitoring.iraiser.eu/v2/	18 B 289 B	356ms 276ms	Stylesheet text/css	2600:9000:2090:1200:5:e00c:b700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://monitoring.iraiser.eu/v2/check.css?z=0.6766898173177638&cid=3238817929.1708368479&dl=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2FMUCO%2Fb%3Asteps%2Fcid%3D1&sc=start&dr=https%3A%2F%2Fsoutenir.vaincrelamuco.org&cd=2024-02-19%3A19.47.59-65d3a25f5976c&dt=soutenir.vaincrelamuco.org%2Fdonations&ul=fr-FR&ds=web&sid=1708368479 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2090:1200:5:e00c:b700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash b9382ee6a46c4f58889a2be378fb7c6e20311519fa245bd97add4c63dd5a2446 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:00 GMT via 1.1 1bdf441282a54ae942606c92014c38d4.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop AMS58-P1 x-cache LambdaGeneratedResponse from cloudfront content-type text/css access-control-allow-origin content-length 18 x-amz-cf-id F_Y5YzFnbiz3o9i5xjCHQ27KJijs5EnCYQHA3T377SpqMZBTCb6cnA==
GET H2	200	css fonts.googleapis.com/	55 KB 13 KB	381ms 32ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Gothic+A1 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.js?v=23103 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4332984479f8311fe8470290e7c66bce14800a097213a3bc9f553bc8dcb20ccb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 19 Feb 2024 18:48:00 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 19 Feb 2024 18:48:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 19 Feb 2024 18:48:00 GMT
GET H2	200	select2.full.min.js Show response soutenir.vaincrelamuco.org/themes/default/js/	70 KB 20 KB	119ms 119ms	XHR application/javascript	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/js/select2.full.min.js?_=1708368479746 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/themes/default/js/jquery-1.11.2.min.js?hash=5790ead7ad3ba27397aedfa3d263b867 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 249e5b8d94463770e790d8f77f3be78c5eaf988b1620aec32ade2c34340b0563 Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:00 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 etag W/"65a78142-1165d" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript x-amz-cf-id xNUUVqzCV_a-XqkS47MMqRIS-JzBM-slmcKvT6wph6khlTgi02SaDg==
GET H2	200	star.svg soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/assets/	571 B 901 B	21ms 20ms	Image image/svg+xml	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/assets/star.svg Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 0bebdebcce1710b004aef683f338eb64fdcaa1df737122b449e84438da7c3d23 Request headers Referer https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Origin https://soutenir.vaincrelamuco.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:26:09 GMT via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2700 etag "65a78142-23b" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml accept-ranges bytes content-length 571 x-amz-cf-id IGcwxRSjiAMQa5Gmo9m9zdTpup5C_MBXzX541PlDMbM2BuZzXyw5jw==
GET DATA	200 OK	truncated /	366 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7cb54c273676dcaaf41e340f296153bf2e020c2aefb85d1f982f1c3a0fef718c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	pay_credit-card_full_size.svg soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/assets/payment_title/	2 KB 978 B	23ms 22ms	Image image/svg+xml	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/assets/payment_title/pay_credit-card_full_size.svg Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 54802cf593868e4306c6c828edce5eb96d2a2b1df749c5d9b77f7a831f6bd1ca Request headers Referer https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Origin https://soutenir.vaincrelamuco.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:03:00 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2700 etag W/"65a78142-661" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml x-amz-cf-id kUs-Wnwn8CZLk0Rf-C0yG4_idZjfGXgnaFrLuZtUf_5GIbVwvl50yg==
GET H2	200	pay_paypal_full_size.svg soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/assets/payment_title/	2 KB 1 KB	24ms 23ms	Image image/svg+xml	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/assets/payment_title/pay_paypal_full_size.svg Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash abc57ce25ffb0f237a09e2d87dc102688ec1217ea15c3b48052fffa2aac3fc1f Request headers Referer https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Origin https://soutenir.vaincrelamuco.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:03:00 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2700 etag W/"65a78142-7aa" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml x-amz-cf-id PLnPQQsQC7Ix2HrAla_ldt4dyxUeamfr16k0dDnJ7k5oWA4IVa-Lpg==
GET H2	200	pay_fintechture_full_size.svg soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/assets/payment_title/	3 KB 1 KB	24ms 24ms	Image image/svg+xml	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/assets/payment_title/pay_fintechture_full_size.svg Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 0f39191140da93b2caab610ec13fa3ce5afa4d56cf175c75a58eae855d3e1a9e Request headers Referer https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Origin https://soutenir.vaincrelamuco.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:03:00 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2699 etag W/"65a78142-b56" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml x-amz-cf-id GFyEIGb2IidjysRZIjcCs00mQC7t_dBWWk28hNCg4DcLkEMomAuopg==
GET H2	200	pay_default_full_size.svg soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/assets/payment_title/	6 KB 3 KB	25ms 25ms	Image image/svg+xml	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/assets/payment_title/pay_default_full_size.svg Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b95b7a9cadd01140ae044897ece39ddea0179063f54819b416c84c116373666b Request headers Referer https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Origin https://soutenir.vaincrelamuco.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:26:10 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2700 etag W/"65a78142-17b8" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml x-amz-cf-id 2DtgqnA6r5YCulWr8pGbXUZymtzlDx2CMKwO-DNUPvJqoLnhmPv1hw==
GET H2	200	fa-solid-900.woff2 soutenir.vaincrelamuco.org/themes/default/arya/dist/assets/fontawesome-free/	76 KB 77 KB	25ms 25ms	Font application/octet-stream	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://soutenir.vaincrelamuco.org/themes/default/arya/dist/assets/fontawesome-free/fa-solid-900.woff2 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537 Request headers Referer https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Origin https://soutenir.vaincrelamuco.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:03:00 GMT via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2700 etag "65a78142-131bc" vary Accept-Encoding x-cache Hit from cloudfront content-type application/octet-stream accept-ranges bytes content-length 78268 x-amz-cf-id iziu3IgMv5rMnX5nOntI9E_itRe2gi4F24KQw2uvIn_IpNzySLErJw==
GET H2	200	powered_by_white.png soutenir.vaincrelamuco.org/themes/default/arya/assets/	8 KB 8 KB	27ms 27ms	Image image/png	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://soutenir.vaincrelamuco.org/themes/default/arya/assets/powered_by_white.png?v=3 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 570307cf55ab0a86950ee2500c3ad8bead23b801070417923d9df4ae250f4df4 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:03:00 GMT via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2700 etag "65a78142-1f07" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 7943 x-amz-cf-id BW7ZzYqYEV483G9ADgAFsNxIt-vUeb9mAQY2c2NFgc4gea8Kot4SHA==
GET H2	200	rules-p-ycmCjtTcFrAXn.js Show response rules.quantcount.com/	1 KB 1 KB	93ms 35ms	Script application/javascript	2600:9000:20ab:1e00:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-ycmCjtTcFrAXn.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ab:1e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 55e85f8cf9a8599f4f7341f573dedaf8ae910c3abf993b319e63d783ce52792a Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:03:02 GMT content-encoding gzip via 1.1 7d2716fe283418b87c2df69e15b55944.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P3 age 2699 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Mon, 23 Oct 2023 16:41:51 GMT server AmazonS3 etag W/"0913dac97d1a40eae16f7d556ef26f21" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 x-amz-cf-id JM7ykLJakC_3f1g2fu1ZlrB59pX7H9q-5jTMQ1SWo5uXAX6YKD-6LQ==
GET H3	200	js Show response www.googletagmanager.com/gtag/	250 KB 86 KB	37ms 36ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-VNBGNHL9BM&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKZHMPZ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e9efdebea01acd3e9c8793942dd2a8e08e2494856dd35e5f37cd940010054274 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 88227 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 19 Feb 2024 18:48:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	264 KB 89 KB	44ms 44ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GPPKM9MZX6&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKZHMPZ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 808f48e50be499f39734d6a492561c293c44f9b3e2b0725252e69be790ee09c5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 91573 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 19 Feb 2024 18:48:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/942555343/	3 KB 1 KB	57ms 57ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942555343/?random=1708368480584&cv=11&fst=1708368480584&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&hn=www.googleadservices.com&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&npa=0&pscdl=noapi&auid=1688865869.1708368480&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKZHMPZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1d51e3efe601f817fe9cd50173aa2af74d31a1b8f34e6d24c97888234ab84a85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/944571482/	3 KB 1 KB	58ms 57ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944571482/?random=1708368480587&cv=11&fst=1708368480587&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&hn=www.googleadservices.com&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&npa=0&pscdl=noapi&auid=1688865869.1708368480&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKZHMPZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7db40401184332e94af99c7fd902b5cff34a4b07817095b06342e6926f9a6426 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1309 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activityi;dc_pre=CNyMu8OIuIQDFaRSHgId-MIAhA;src=10134604;type=invmedia;cat=flood0;ord=1;num=8896949970536;npa=0;auiddc=1688865869.1708368480;pscdl=noapi;gtm=45He42e0v77820236za200;gcd=13l3l3l3l1;dm... Show response 10134604.fls.doubleclick.net/ Frame 2F17 Redirect Chain https://10134604.fls.doubleclick.net/activityi;src=10134604;type=invmedia;cat=flood0;ord=1;num=8896949970536;npa=0;auiddc=1688865869.1708368480;pscdl=noapi;gtm=45He42e0v77820236za200;gcd=13l3l3l3l1... https://10134604.fls.doubleclick.net/activityi;dc_pre=CNyMu8OIuIQDFaRSHgId-MIAhA;src=10134604;type=invmedia;cat=flood0;ord=1;num=8896949970536;npa=0;auiddc=1688865869.1708368480;pscdl=noapi;gtm=45H...	559 B 736 B	65ms 64ms	Document text/html	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://10134604.fls.doubleclick.net/activityi;dc_pre=CNyMu8OIuIQDFaRSHgId-MIAhA;src=10134604;type=invmedia;cat=flood0;ord=1;num=8896949970536;npa=0;auiddc=1688865869.1708368480;pscdl=noapi;gtm=45He42e0v77820236za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKZHMPZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software cafe / Resource Hash 31a960cceb0f4cc63de61bb5758d756d94933dd855d34ac2c7885d9b18e19bd4 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://soutenir.vaincrelamuco.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 345 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 19 Feb 2024 18:48:00 GMT expires Mon, 19 Feb 2024 18:48:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 19 Feb 2024 18:48:00 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://10134604.fls.doubleclick.net/activityi;dc_pre=CNyMu8OIuIQDFaRSHgId-MIAhA;src=10134604;type=invmedia;cat=flood0;ord=1;num=8896949970536;npa=0;auiddc=1688865869.1708368480;pscdl=noapi;gtm=45He42e0v77820236za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ Show response www.googleadservices.com/pagead/conversion/944571482/	3 KB 2 KB	91ms 39ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/944571482/?random=1708368480591&cv=11&fst=1708368480591&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&label=xhjTCOLIsoAYENqItMID&hn=www.googleadservices.com&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&value=1&currency_code=USD&bttype=purchase&npa=0&pscdl=noapi&auid=1688865869.1708368480&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKZHMPZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 726933cee327c4498b0bbb9c8363ae0c02a9f58baaef58239894e472a95e05e6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1739 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	w.js Show response static.woopra.com/js/	37 KB 13 KB	115ms 35ms	Script text/javascript	151.101.129.91 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.woopra.com/js/w.js Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.91 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Apache/2.2.15 (Red Hat) / Resource Hash 99de63f5da432e6e1703320047f01d18d721107a37db27717a0f9060d84e9039 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:00 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 48447 x-cache HIT, HIT content-length 13005 x-served-by cache-iad-kjyo7100129-IAD, cache-fra-eddf8230127-FRA last-modified Thu, 11 Jan 2024 02:48:03 GMT server Apache/2.2.15 (Red Hat) x-timer S1708368481.691789,VS0,VE0 etag "21dbc-9518-60ea29394e59b" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes x-cache-hits 67, 959
GET H2	200	ytc.js Show response s.yimg.com/wi/	18 KB 7 KB	118ms 34ms	Script application/javascript	2a00:1288:80:807::2 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/wi/ytc.js Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash 480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers ats-carp-promotion 1, 1 date Mon, 19 Feb 2024 18:24:26 GMT x-amz-version-id xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW content-encoding gzip strict-transport-security max-age=31536000 x-content-type-options nosniff x-amz-request-id 9PNPBJD8T1J0NQ0D age 1415 x-amz-server-side-encryption AES256 content-length 6262 x-amz-id-2 uW2Q0otxYa/yX5D4FGvIWCNad2SJ7QNajVK4ZD97I5SYgLh8UewxHemw1nCtkoY2Wq8dxo1nlTOUXWy4qL0Xy56ksNppXfHcyN8dWF3tyGM= x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade x-amz-expiration expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle" last-modified Mon, 26 Jun 2023 09:26:35 GMT server ATS etag "5c6ed25dce803fd84288922b8928409e-df" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Origin, Accept-Encoding content-type application/javascript cache-control public,max-age=3600 accept-ranges bytes
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	5 KB 3 KB	96ms 28ms	Script application/x-javascript	18.239.67.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKZHMPZ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.239.67.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-67-100.ams58.r.cloudfront.net Software AmazonS3 / Resource Hash 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Mon, 19 Feb 2024 09:28:06 GMT Content-Encoding gzip Via 1.1 d1b1cc661d55a3f8a88f240826e4f38c.cloudfront.net (CloudFront) Last-Modified Wed, 17 Jan 2024 00:44:59 GMT Server AmazonS3 X-Amz-Cf-Pop AMS58-P4 Age 33595 ETag W/"b7474eac210849250426a8f6a39d00f3" x-amz-server-side-encryption AES256 Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript X-Cache Hit from cloudfront Connection keep-alive X-Amz-Cf-Id yr5nvFrdO4XRDDSweMp2oklQT2kyF6bEGCH8kOg3VQ1d3I5X7n7pFg==
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	59 B 304 B	95ms 42ms	XHR application/json	2606:4700:4400::6812:2089 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://soutenir.vaincrelamuco.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:00 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 8580ae7c18930493-FRA access-control-allow-headers Content-Type
GET H2	200	557230378270353 Show response connect.facebook.net/signals/config/	63 KB 13 KB	153ms 153ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/557230378270353?v=2.9.147&r=stable&domain=soutenir.vaincrelamuco.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 1e3cc6acaadddccd3dd5c5cafef9f1d39554bbd852e28aa81e67c8f877bab973 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers permissions-policy-report-only clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 19 Feb 2024 18:48:00 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" pragma public x-fb-debug UX6kqgc78JeXSBkN9pTU0fgWIqLqlGBrIqokmFA0PHhK7uceqscZ5vUXeu4I6hbHsHrBq/PdQRwSlSrgSZyRCQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/942555343/	42 B 455 B	79ms 31ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/942555343/?random=1708368480477&cv=11&fst=1708365600000&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_kn6hXHJvSiFAZXfM4gpJr2zYO_mReQ&random=2665015243&rmt_tld=0&ipr=y Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/942555343/	42 B 455 B	83ms 34ms	Image image/gif	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/942555343/?random=1708368480477&cv=11&fst=1708365600000&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_kn6hXHJvSiFAZXfM4gpJr2zYO_mReQ&random=2665015243&rmt_tld=1&ipr=y Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	controller-0a00273a524e8a2bac761367150ab0df.html Show response js.stripe.com/v3/ Frame 5701	325 B 1 KB	24ms 24ms	Document text/html	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash eaaa034094c42a130215c2309d18fcc80f76536ce8452fa60428b08d513d5f63 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://soutenir.vaincrelamuco.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 28 cache-control max-age=60, stale-while-revalidate=900 content-length 325 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 18:47:35 GMT etag "0a00273a524e8a2bac761367150ab0df" last-modified Fri, 16 Feb 2024 21:04:33 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-amz-cf-id sM_Ps-j92zRIu0JFj-dZWufXLR5h5KhHWLChVR3Ns4lzFyQb5AD0tg== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Show response js.stripe.com/v3/ Frame 4E54	798 B 2 KB	31ms 30ms	Document text/html	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash a6f73db7f616f1a91fb80c5a0d1e6074dfdb60dc261acc30eacf01e3d3f25c3d Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://soutenir.vaincrelamuco.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 2166 cache-control max-age=31536000 content-length 798 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 18:11:58 GMT etag "c935e4865ee77cbad99943e1a92b43e6" last-modified Fri, 16 Feb 2024 21:04:33 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-amz-cf-id hpoucbuHWzsuLl-0iJ8ay98lrzXDfG_U8_XGZXXNBMjQxJD0fV-olA== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Show response js.stripe.com/v3/ Frame C2FE	798 B 2 KB	27ms 27ms	Document text/html	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash a6f73db7f616f1a91fb80c5a0d1e6074dfdb60dc261acc30eacf01e3d3f25c3d Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://soutenir.vaincrelamuco.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 2166 cache-control max-age=31536000 content-length 798 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 18:11:58 GMT etag "c935e4865ee77cbad99943e1a92b43e6" last-modified Fri, 16 Feb 2024 21:04:33 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-amz-cf-id KueOVeUi6oYi29aUw9S3ADvMmRxBPhI7Yo3J5AdWdJAQ6p2cjB303w== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Show response js.stripe.com/v3/ Frame 54F2	798 B 2 KB	35ms 32ms	Document text/html	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash a6f73db7f616f1a91fb80c5a0d1e6074dfdb60dc261acc30eacf01e3d3f25c3d Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://soutenir.vaincrelamuco.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 2166 cache-control max-age=31536000 content-length 798 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 18:11:58 GMT etag "c935e4865ee77cbad99943e1a92b43e6" last-modified Fri, 16 Feb 2024 21:04:33 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-amz-cf-id hTFumdNWSlBEkmCWkkfAQjr9cpG3NSE3247tfxezWilkYvbzbdbncQ== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	controller-0a00273a524e8a2bac761367150ab0df.html Show response js.stripe.com/v3/ Frame C344	325 B 1 KB	37ms 36ms	Document text/html	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash eaaa034094c42a130215c2309d18fcc80f76536ce8452fa60428b08d513d5f63 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://soutenir.vaincrelamuco.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 28 cache-control max-age=60, stale-while-revalidate=900 content-length 325 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 18:47:35 GMT etag "0a00273a524e8a2bac761367150ab0df" last-modified Fri, 16 Feb 2024 21:04:33 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-amz-cf-id d0TRn7QdXDZgZjXqNuDkTQuf_UY8OB3epkghwPiY0cLwb7Y6pq4GFw== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	payment-request-inner-google-pay-80b6985bf7579a3c5b730448d7fa517d.html Show response js.stripe.com/v3/ Frame 3B83	408 B 1 KB	37ms 37ms	Document text/html	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/payment-request-inner-google-pay-80b6985bf7579a3c5b730448d7fa517d.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 6d43059e3bf5b7c5ac833db75a6efa467eac31194c4c214c936cccf36599b9f2 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://soutenir.vaincrelamuco.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 1743 cache-control max-age=31536000 content-length 408 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 18:21:29 GMT etag "80b6985bf7579a3c5b730448d7fa517d" last-modified Fri, 16 Feb 2024 21:04:47 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-amz-cf-id D2ELnoVydeZrBl6Qavqk6gCZ40R444iabtWBOXRpXlGMwxpVJwbYoA== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	payment-request-inner-browser-37ff78adea2d9e7d3ecec51d77a2118d.html Show response js.stripe.com/v3/ Frame 5925	344 B 2 KB	36ms 35ms	Document text/html	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/payment-request-inner-browser-37ff78adea2d9e7d3ecec51d77a2118d.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash adea24a90053557a4bbc5eaf945a46c5656ab831bc62b98bb24ebd1ff7b1895b Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://soutenir.vaincrelamuco.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 6 cache-control max-age=60, stale-while-revalidate=900 content-length 344 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 18:47:59 GMT etag "37ff78adea2d9e7d3ecec51d77a2118d" last-modified Fri, 16 Feb 2024 21:04:47 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-amz-cf-id UZ58ZorSgYjePGVnwOTWBZpjqWGBSEjQhh4RsHtY_CIS3UmxoEKxVg== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	shared-b79bc922ecf9d10dcf378fe9121cae3f.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 5701	535 KB 117 KB	53ms 53ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0825faf87032847ab5b1a095d37604180409e06068f52a2d96b6b170b8567b9c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:18:27 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2690 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:46 GMT server Cloudfront etag W/"92a5566719be4df4870e3176292f4dee" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id rwDcQtoKh9h2KdQtrfIk7MPbkU3RkuJc1wJUCiqQF_Y13E3WN8KrUw==
GET H2	200	controller-06cc5e6fbe7288dce04bb0d3b77351cc.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 5701	695 KB 162 KB	39ms 39ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/controller-06cc5e6fbe7288dce04bb0d3b77351cc.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 8dac2444bd12de319d5b62606da7b552e0ce70423841381e58a858c6d6a419fc Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:25:22 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 1358 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:44 GMT server Cloudfront etag W/"6643dc1f1326206b9a1003e46c728ed4" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 5HWmmhwXnRSkkp9hjJwsx2lCO-OHDp3-FKiRrIhPCEIdw5VMVBh_Sw==
GET H2	204	56276124.js Show response bat.bing.com/p/action/	0 117 B	49ms 48ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/56276124.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Mon, 19 Feb 2024 18:48:00 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 54B44E62725446268C0A7C3B9D4549F3 Ref B: DUS30EDGE0418 Ref C: 2024-02-19T18:48:00Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 285 B	116ms 116ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=56276124&Ver=2&mid=6a06c716-a31b-455b-bc6c-9567285c6580&sid=67dc1b80cf5711eeaa86278c28b5e136&vid=67dc0c90cf5711ee9fc519c6932f1bd2&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Soutenez%20Vaincre%20la%20Mucoviscidose&kw=mucoviscidose,maladie,g%C3%A9n%C3%A9tique,rare,sant%C3%A9,association,don,dons,donner,soutenir&p=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&r=&lt=1917&evt=pageLoad&sv=1&rn=748727 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 19 Feb 2024 18:48:00 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: BD87177399C14F0C882643638093813B Ref B: DUS30EDGE0418 Ref C: 2024-02-19T18:48:00Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	0 bat.bing.com/actionp/	0 230 B	116ms 116ms	Ping text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/actionp/0?ti=56276124&Ver=2&mid=6a06c716-a31b-455b-bc6c-9567285c6580&sid=67dc1b80cf5711eeaa86278c28b5e136&vid=67dc0c90cf5711ee9fc519c6932f1bd2&vids=1&msclkid=N&evt=dedup Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 19 Feb 2024 18:48:00 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 70ACEBEDF0FF4E9396A30CDAAFB68605 Ref B: DUS30EDGE0418 Ref C: 2024-02-19T18:48:00Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/942555343/	42 B 108 B	35ms 35ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/942555343/?random=1708368480584&cv=11&fst=1708365600000&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_YjT1DmDckxHEj0lY8YCupL6dQWHiPQ&random=2758492653&rmt_tld=0&ipr=y Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/942555343/	42 B 108 B	33ms 33ms	Image image/gif	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/942555343/?random=1708368480584&cv=11&fst=1708365600000&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_YjT1DmDckxHEj0lY8YCupL6dQWHiPQ&random=2758492653&rmt_tld=1&ipr=y Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	csp-report q.stripe.com/ Frame 5701	0 717 B	798ms 390ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481364169 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481363705 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	/ www.google.com/pagead/1p-user-list/944571482/	42 B 108 B	33ms 32ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/944571482/?random=1708368480587&cv=11&fst=1708365600000&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_pajnSeU-UAA2-7gQo8e-9VbB-Zh0Ag&random=2240508973&rmt_tld=0&ipr=y Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/944571482/	42 B 108 B	30ms 30ms	Image image/gif	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/944571482/?random=1708368480587&cv=11&fst=1708365600000&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_pajnSeU-UAA2-7gQo8e-9VbB-Zh0Ag&random=2240508973&rmt_tld=1&ipr=y Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel;r=1875655059;labels=_fp.event.PageView%2C_fp.event.VLM_REMARKETING%2C_fp.event.VLM_FDD;rf=0;a=p-ycmCjtTcFrAXn;url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1;uht=2;fpa... pixel.quantserve.com/	35 B 629 B	25ms 24ms	Image image/gif	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=1875655059;labels=_fp.event.PageView%2C_fp.event.VLM_REMARKETING%2C_fp.event.VLM_FDD;rf=0;a=p-ycmCjtTcFrAXn;url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1;uht=2;fpan=1;fpa=P0-1162742306-1708368480564;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=vaincrelamuco.org;dst=1;et=1708368480668;tzo=-60;ogl=;ses=70a36c6e-4bfb-4920-9496-795a67adbe82;mdl= Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT attribution-reporting-register-trigger {"event_trigger_data":[{"filters":[{"label":["_fp.event.PageView"],"pcode":["p-ycmCjtTcFrAXn"]},{"label":["_fp.event.VLM_REMARKETING"],"pcode":["p-ycmCjtTcFrAXn"]},{"label":["_fp.event.VLM_FDD"],"pcode":["p-ycmCjtTcFrAXn"]}],"trigger_data":"1"}]} strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	FR.png soutenir.vaincrelamuco.org/themes/default/arya/dist/assets/flags/	2 KB 3 KB	20ms 20ms	Image image/png	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://soutenir.vaincrelamuco.org/themes/default/arya/dist/assets/flags/FR.png Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 17518bc23bde1110dc980b8a7b76148213072f8d368146047a7f2b98469b9dd5 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:26:13 GMT via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 age 2700 etag "65a78142-95b" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 2395 x-amz-cf-id UdM6k8u3XzRPfRJ0YUxb58ToFTwNoIoDbUxi39UovZKbSv06wr_62g==
GET H2	200	shared-b79bc922ecf9d10dcf378fe9121cae3f.js Show response js.stripe.com/v3/fingerprinted/js/ Frame C2FE	535 KB 117 KB	45ms 35ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0825faf87032847ab5b1a095d37604180409e06068f52a2d96b6b170b8567b9c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:18:27 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2690 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:46 GMT server Cloudfront etag W/"92a5566719be4df4870e3176292f4dee" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id Gr4-egZQm_alaN0odVVTScA1_pJSIK-LoxSlVnN0INzqDTGUJahmgQ==
GET H2	200	ui-shared-12c66da9e927726c235aee1505af52e8.js Show response js.stripe.com/v3/fingerprinted/js/ Frame C2FE	420 KB 107 KB	54ms 44ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/ui-shared-12c66da9e927726c235aee1505af52e8.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0ee111e08533b93692681e38330813b7517ad66e5d03486baa9e978b380f98a4 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 17:49:20 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 3548 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:47 GMT server Cloudfront etag W/"26139c804892a7c4ba7cc44799daf1cc" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id zFEidju9HygSOGecUtNAzVn1dyPpKEVAfzDkFh7OWxrfpFUXe5xIvQ==
GET H2	200	elements-inner-card-52fc3d620abdb3dc0ac08161a25ae97a.js Show response js.stripe.com/v3/fingerprinted/js/ Frame C2FE	55 KB 15 KB	34ms 34ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-52fc3d620abdb3dc0ac08161a25ae97a.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ec57a4dbf2f5701d6dd2ea2544fbe32ad3f3ade01980b0911d4f62d3819de050 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:40:51 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 466 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:44 GMT server Cloudfront etag W/"76a59273fefa046fdd922cf394c4bcae" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id Vfgzw-XStbAdEhqk4SeJgXR3esltJkOyY1sg7aFI0OHFsQr0eFkuyw==
GET H2	200	ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css js.stripe.com/v3/fingerprinted/css/ Frame C2FE	20 KB 4 KB	60ms 50ms	Stylesheet text/css	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:24:45 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 1424 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:34 GMT server Cloudfront etag W/"b361d7109e9925ca18e32c9da528520f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id LotwMdFsZfbCyCp9PK2hrCNXqenDTEJ4IfojzJbEa5h18YbujwqCxQ==
GET H2	200	elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css js.stripe.com/v3/fingerprinted/css/ Frame C2FE	14 KB 2 KB	44ms 34ms	Stylesheet text/css	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:47:14 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 47 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:34 GMT server Cloudfront etag W/"87bf0041cf7ae5e77d770c423e25828a" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id SBarTKVEQJSTZifbMrD_3K_ZZF0OovL_-ThByC4kQ2VRrN4FPZyvOQ==
GET H2	200	shared-b79bc922ecf9d10dcf378fe9121cae3f.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 4E54	535 KB 117 KB	63ms 54ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0825faf87032847ab5b1a095d37604180409e06068f52a2d96b6b170b8567b9c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:18:27 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2690 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:46 GMT server Cloudfront etag W/"92a5566719be4df4870e3176292f4dee" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id ZbGh_BiwuErPBjgztNDREvSIn5Ylz1xaHvzuvuzcgrJ3D237uP4uWw==
GET H2	200	ui-shared-12c66da9e927726c235aee1505af52e8.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 4E54	420 KB 107 KB	60ms 51ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/ui-shared-12c66da9e927726c235aee1505af52e8.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0ee111e08533b93692681e38330813b7517ad66e5d03486baa9e978b380f98a4 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 17:49:20 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 3548 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:47 GMT server Cloudfront etag W/"26139c804892a7c4ba7cc44799daf1cc" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id xqsw5ONK2OoNtjOSoN8nHdvOGXcOWjTITEKUDYFvdgf0bBbjVxCf-g==
GET H2	200	elements-inner-card-52fc3d620abdb3dc0ac08161a25ae97a.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 4E54	55 KB 15 KB	36ms 36ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-52fc3d620abdb3dc0ac08161a25ae97a.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ec57a4dbf2f5701d6dd2ea2544fbe32ad3f3ade01980b0911d4f62d3819de050 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:40:51 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 466 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:44 GMT server Cloudfront etag W/"76a59273fefa046fdd922cf394c4bcae" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id D3R4eJSBWOTZtBcUGeXoX7D7jgBjPE4G3kLGNerYZWn3c0GkMG9vcg==
GET H2	200	ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css js.stripe.com/v3/fingerprinted/css/ Frame 4E54	20 KB 4 KB	67ms 57ms	Stylesheet text/css	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:24:45 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 1424 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:34 GMT server Cloudfront etag W/"b361d7109e9925ca18e32c9da528520f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id yFML4kbJD10ogE2HU6keDs47xvkQBaGH2RRKUYPqnQQjfBkqS4ig_A==
GET H2	200	elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css js.stripe.com/v3/fingerprinted/css/ Frame 4E54	14 KB 2 KB	59ms 50ms	Stylesheet text/css	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:47:14 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 47 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:34 GMT server Cloudfront etag W/"87bf0041cf7ae5e77d770c423e25828a" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id OXsanT11pcUaNr9Uato8w9zEkJAclEw_F1ejEOPfPkOKwtRqsU-vow==
POST H2	204	collect region1.google-analytics.com/g/	0 261 B	82ms 31ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-VNBGNHL9BM&gtm=45je42e0v889115150z877820236za200&_p=1708368480462&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=782248928.1708368481&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708368480&sct=1&seg=0&dl=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&dt=Soutenez%20Vaincre%20la%20Mucoviscidose&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2140 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VNBGNHL9BM&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://soutenir.vaincrelamuco.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	shared-b79bc922ecf9d10dcf378fe9121cae3f.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 54F2	535 KB 117 KB	29ms 29ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0825faf87032847ab5b1a095d37604180409e06068f52a2d96b6b170b8567b9c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:18:27 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2690 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:46 GMT server Cloudfront etag W/"92a5566719be4df4870e3176292f4dee" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id oPQhmhw3jF3G_F4I_IDH339UsdeogVChwPzINujpVBU1sTiOYoT7AA==
GET H2	200	ui-shared-12c66da9e927726c235aee1505af52e8.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 54F2	420 KB 107 KB	32ms 31ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/ui-shared-12c66da9e927726c235aee1505af52e8.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0ee111e08533b93692681e38330813b7517ad66e5d03486baa9e978b380f98a4 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 17:49:20 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 3548 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:47 GMT server Cloudfront etag W/"26139c804892a7c4ba7cc44799daf1cc" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id vrjKxGOGAG_YJYPr-GKodbtuxesBdyxGtXK6PCK4-nxqZ5wXpnnLbA==
GET H2	200	elements-inner-card-52fc3d620abdb3dc0ac08161a25ae97a.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 54F2	55 KB 15 KB	45ms 45ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-52fc3d620abdb3dc0ac08161a25ae97a.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ec57a4dbf2f5701d6dd2ea2544fbe32ad3f3ade01980b0911d4f62d3819de050 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:40:51 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 466 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:44 GMT server Cloudfront etag W/"76a59273fefa046fdd922cf394c4bcae" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 6Pnta5t0qn9Ly_K7u7q5D-SZPDaO-AFPgd4cnBo4iY8VVM96pRyYrw==
GET H2	200	ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css js.stripe.com/v3/fingerprinted/css/ Frame 54F2	20 KB 4 KB	34ms 34ms	Stylesheet text/css	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:24:45 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 1424 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:34 GMT server Cloudfront etag W/"b361d7109e9925ca18e32c9da528520f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 550Dn6revj_bxnYb1HPrr4dsBoDaPnp6nsP7DeYHIYKzvKKGDlDq4g==
GET H2	200	elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css js.stripe.com/v3/fingerprinted/css/ Frame 54F2	14 KB 2 KB	37ms 37ms	Stylesheet text/css	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:47:14 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 47 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:34 GMT server Cloudfront etag W/"87bf0041cf7ae5e77d770c423e25828a" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id J-_S7q05v-116joNGraxdBQt995qzKxQIMNOCf-OlOLst7nR2uw7pQ==
POST		csp-report q.stripe.com/ Frame C2FE	0 0
POST		csp-report q.stripe.com/ Frame C2FE	0 0
POST		csp-report q.stripe.com/ Frame 4E54	0 0
POST		csp-report q.stripe.com/ Frame 4E54	0 0
POST H2	204	collect region1.analytics.google.com/g/	0 252 B	79ms 29ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-GPPKM9MZX6&gtm=45je42e0v889111927z877820236za200&_p=1708368480462&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=782248928.1708368481&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708368480&sct=1&seg=0&dl=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&dt=Soutenez%20Vaincre%20la%20Mucoviscidose&en=page_view&_fv=1&_ss=1&tfd=2164 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GPPKM9MZX6&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://soutenir.vaincrelamuco.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 252 B	97ms 30ms	Ping text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GPPKM9MZX6&cid=782248928.1708368481&gtm=45je42e0v889111927z877820236za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GPPKM9MZX6&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://soutenir.vaincrelamuco.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	55ms 54ms	Image image/gif	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GPPKM9MZX6&cid=782248928.1708368481&gtm=45je42e0v889111927z877820236za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1644562719 Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	shared-b79bc922ecf9d10dcf378fe9121cae3f.js Show response js.stripe.com/v3/fingerprinted/js/ Frame C344	535 KB 117 KB	27ms 27ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0825faf87032847ab5b1a095d37604180409e06068f52a2d96b6b170b8567b9c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:18:27 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2690 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:46 GMT server Cloudfront etag W/"92a5566719be4df4870e3176292f4dee" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id iHQClv37wQrvyHpae32WZHrquzjLdimhoqw6a2Hs83wN4bdo-HGRvg==
GET H2	200	controller-06cc5e6fbe7288dce04bb0d3b77351cc.js Show response js.stripe.com/v3/fingerprinted/js/ Frame C344	695 KB 162 KB	31ms 30ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/controller-06cc5e6fbe7288dce04bb0d3b77351cc.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 8dac2444bd12de319d5b62606da7b552e0ce70423841381e58a858c6d6a419fc Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:25:22 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 1358 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:44 GMT server Cloudfront etag W/"6643dc1f1326206b9a1003e46c728ed4" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id _jVApfXw6eIhRwriPvSHJHpwDa0zwnltgXA4on-m_jBRs3KuLYyt7g==
GET H2	200	shared-b79bc922ecf9d10dcf378fe9121cae3f.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 5925	535 KB 117 KB	52ms 52ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-browser-37ff78adea2d9e7d3ecec51d77a2118d.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0825faf87032847ab5b1a095d37604180409e06068f52a2d96b6b170b8567b9c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/payment-request-inner-browser-37ff78adea2d9e7d3ecec51d77a2118d.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:18:27 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2690 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:46 GMT server Cloudfront etag W/"92a5566719be4df4870e3176292f4dee" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id lfi0MenQA6_Q9KuR-J2QLaJu2AaKGFZXnQWypd6yasLATa7wKTR25Q==
GET H2	200	payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 5925	13 KB 6 KB	51ms 51ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-browser-37ff78adea2d9e7d3ecec51d77a2118d.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/payment-request-inner-browser-37ff78adea2d9e7d3ecec51d77a2118d.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 17:51:27 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 3394 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:46 GMT server Cloudfront etag W/"32dba56f50e599b5cc53a055305f8c45" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id fM5LXQ3Wxma_U_TantVdH0e0mce6z7VB2fGNvYvE_jrxMIEZcVIeNg==
GET H2	200	pay.js Show response pay.google.com/gp/p/js/ Frame 3B83	117 KB 36 KB	147ms 71ms	Script application/javascript	2a00:1450:400c:c09::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/js/pay.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-google-pay-80b6985bf7579a3c5b730448d7fa517d.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9a8915aea1dbb6b2ef9752558fd5d49345859c75806cb19bdae6bbdca814e667 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-U5aZmt5NpE05NjSlTjN_9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:00 GMT strict-transport-security max-age=31536000 content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-U5aZmt5NpE05NjSlTjN_9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtHikmLw0ZBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdFa-ddNZVYBYd_101lAgdkqfwRoExD71M1hjgFiIh-PBkXPr2AQark5dwwwAMb40bg" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control private, max-age=600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 19 Feb 2024 18:48:00 GMT
GET H2	200	shared-b79bc922ecf9d10dcf378fe9121cae3f.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 3B83	535 KB 117 KB	57ms 57ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-google-pay-80b6985bf7579a3c5b730448d7fa517d.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0825faf87032847ab5b1a095d37604180409e06068f52a2d96b6b170b8567b9c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/payment-request-inner-google-pay-80b6985bf7579a3c5b730448d7fa517d.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:18:27 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2690 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:46 GMT server Cloudfront etag W/"92a5566719be4df4870e3176292f4dee" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id CfMNtXbYy0gM4N-ntYjP2PUxRDcJ_GaRKfaZID6BbpwAVdRZ3uIFJg==
GET H2	200	payment-request-inner-google-pay-55926d87f8538450887ab383061d3425.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 3B83	12 KB 5 KB	24ms 24ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-55926d87f8538450887ab383061d3425.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-google-pay-80b6985bf7579a3c5b730448d7fa517d.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash f8e37527996d0530694a2a8ddf6afdcf28cc8a05e50ce3ce9d3f2f743b04659f Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/payment-request-inner-google-pay-80b6985bf7579a3c5b730448d7fa517d.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 17:51:26 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 3415 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:46 GMT server Cloudfront etag W/"c9c83657cf777673149a15b5cf68258f" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id VZysslF0tRgRqI-6ETcrwpsWw5KN9Sd3aOZLHQ-Rt7JQb1QWeRQdnQ==
GET H2	200	dc_pre=COqvucOIuIQDFQ9XHgIdDacE9A;src=10134604;type=invmedia;cat=vlm_r0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=13537... adservice.google.com/ddm/fls/z/ Frame 5925	42 B 107 B	105ms 57ms	Image image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=COqvucOIuIQDFQ9XHgIdDacE9A;src=10134604;type=invmedia;cat=vlm_r0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1353764223118.8984 Requested by Host: 10134604.fls.doubleclick.net URL: https://10134604.fls.doubleclick.net/activityi;dc_pre=COqvucOIuIQDFQ9XHgIdDacE9A;src=10134604;type=invmedia;cat=vlm_r0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1353764223118.8984? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://10134604.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDEwMTM0NjA0CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly92YWluY3JlbGFtdWNvLm9yZyIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVi... ad.doubleclick.net/ddm/activity/ Frame 5925	0 2 KB	120ms 55ms	Image image/png	142.250.185.102 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDEwMTM0NjA0CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly92YWluY3JlbGFtdWNvLm9yZyIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiA3NTExMDI3NTgzMDk1MjUxMTM5CmN0Y19jb252ZXJzaW9uX2J1Y2tldDogNQphcmNoZXR5cGVfaWQ6IDEKYXJjaGV0eXBlX2lkOiAzCmFyY2hldHlwZV9pZDogNAphcmNoZXR5cGVfaWQ6IDUKYXJjaGV0eXBlX2lkOiA2CmFyY2hldHlwZV9pZDogNwphcmNoZXR5cGVfaWQ6IDgKYXJjaGV0eXBlX2lkOiA5CmFyY2hldHlwZV9pZDogMTAKYXJjaGV0eXBlX2lkOiAxMQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFyY2hldHlwZV9pZDogMTYKYXJjaGV0eXBlX2lkOiAxNwphcmNoZXR5cGVfaWQ6IDE4CmFyY2hldHlwZV9pZDogMTkKYXJjaGV0eXBlX2lkOiAyMAphcmNoZXR5cGVfaWQ6IDIxCmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQUNUSVZJVFlfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExOTU3MTk3CiAgfQp9CmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0NPTlZFUlNJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTE5IgogIH0KfQpicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNTcwNDI1MzQ0CmdjbGlkOiAiIgp0cmlnZ2VyX2RlZHVwbGljYXRpb25fa2V5OiA5MjcwMTcxNTY2ODg4Nzg1MDM1Cg Requested by Host: 10134604.fls.doubleclick.net URL: https://10134604.fls.doubleclick.net/activityi;dc_pre=COqvucOIuIQDFQ9XHgIdDacE9A;src=10134604;type=invmedia;cat=vlm_r0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1353764223118.8984? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://10134604.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT attribution-reporting-register-trigger {"aggregatable_deduplication_keys":[{"deduplication_key":"9270171566888785035"}],"aggregatable_trigger_data":[{"filters":{"14":["11957197"]},"key_piece":"0xd79089e07bfa03a1","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x400146bca5a19a67","not_filters":{"14":["11957197"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["11957197"]},"key_piece":"0x79c331b235cc209","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x62e3b9da56977cb4","not_filters":{"14":["11957197"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"7511027583095251139","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"9270171566888785035","filters":{"14":["11957197"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"9270171566888785035","filters":{"14":["11957197"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"9270171566888785035","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"9270171566888785035","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["10134604"]}} x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_pre=CNyMu8OIuIQDFaRSHgId-MIAhA;src=10134604;type=invmedia;cat=flood0;ord=1;num=8896949970536;npa=0;auiddc=*;pscdl=noapi;gtm=45He42e0v77820236za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;u... adservice.google.com/ddm/fls/z/ Frame 2F17	42 B 401 B	104ms 56ms	Image image/gif	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CNyMu8OIuIQDFaRSHgId-MIAhA;src=10134604;type=invmedia;cat=flood0;ord=1;num=8896949970536;npa=0;auiddc=*;pscdl=noapi;gtm=45He42e0v77820236za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1 Requested by Host: 10134604.fls.doubleclick.net URL: https://10134604.fls.doubleclick.net/activityi;dc_pre=CNyMu8OIuIQDFaRSHgId-MIAhA;src=10134604;type=invmedia;cat=flood0;ord=1;num=8896949970536;npa=0;auiddc=1688865869.1708368480;pscdl=noapi;gtm=45He42e0v77820236za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://10134604.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202401.1.0/	429 KB 104 KB	31ms 31ms	Script application/javascript	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f397381c3df41ea1a4714a1dfea67c1381e25627a18596201af50c40d93ab06 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 19 Feb 2024 18:48:00 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 PypTWx4nlFN0E393LXKANQ== age 32154 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 106526 x-ms-lease-status unlocked last-modified Mon, 22 Jan 2024 07:01:57 GMT server cloudflare etag 0x8DC1B18065F5741 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 36e9abe2-a01e-00a0-71c2-4dbd22000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8580ae7cff0065a4-FRA
POST		csp-report q.stripe.com/ Frame 54F2	0 0
POST		csp-report q.stripe.com/ Frame 54F2	0 0
POST H2	200	csp-report q.stripe.com/ Frame C344	0 717 B	706ms 436ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481364402 x-envoy-upstream-service-time 3 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481363791 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 5925	0 717 B	666ms 397ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481364194 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481363715 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 5925	0 717 B	706ms 437ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481364414 x-envoy-upstream-service-time 6 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 3 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481363711 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 3B83	0 717 B	666ms 398ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481365017 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481364437 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 3B83	0 717 B	658ms 390ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481364861 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481364420 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 5701	474 B 916 B	70ms 27ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ce1cd5e16604975942bf19eb9611a8aa2125910a465fc7568c4dfa6e04878f53 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:47:50 GMT via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload age 10 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 474 last-modified Fri, 16 Feb 2024 21:46:59 GMT server Cloudfront etag "d1edde64f83975f265a89edb525e8ecd" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes x-amz-cf-id z1vex4uIIJ8q5gSF6k5-dc2bePK9AZVrAfJjyJch4gHg47rGvistAw==
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 5701	474 B 915 B	64ms 27ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ce1cd5e16604975942bf19eb9611a8aa2125910a465fc7568c4dfa6e04878f53 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:47:50 GMT via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload age 10 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 474 last-modified Fri, 16 Feb 2024 21:46:59 GMT server Cloudfront etag "d1edde64f83975f265a89edb525e8ecd" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes x-amz-cf-id mdc0WbcPz4gtI_sfGj1dgK65a2T4WV4Xw8TWF5mSVEs3xIjgssp-Ig==
GET H3	200	/ www.google.de/pagead/1p-conversion/944571482/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944571482/?random=1377280529&cv=11&fst=1708368480591&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=syp... https://www.google.com/pagead/1p-conversion/944571482/?random=1377280529&cv=11&fst=1708368480591&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_... https://www.google.de/pagead/1p-conversion/944571482/?random=1377280529&cv=11&fst=1708368480591&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h...	42 B 64 B	40ms 40ms	Image image/gif	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/944571482/?random=1377280529&cv=11&fst=1708368480591&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&label=xhjTCOLIsoAYENqItMID&hn=www.googleadservices.com&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1688865869.1708368480&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=Ek9DaEVJZ0pYTXJnWVFpOXVEMU9ucjFvV2lBUkltQUFmT29LendGczVzRXo3Ri1pVjhESFRSSDRYeFpxMl80djNSSlVHX3YxcUhBSE9mN2tFGlhDaEFJZ0pYTXJnWVFvT2ljdUwtbi1PQjJFaTRBY0t6ajNnR25zRGdUVEd4Rzk1TjNGRWo2QTdYd2JNM3REN3hvQ1ZDbnk1cndGRncxWkhETHNvbHFncHFBIhMI6Ly9w4i4hAMVp15BAh2hdQybMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=YKLTZeiMKKe9hcIPoeux2Ak&cid=CAQSKQAvHhf_rI8D4zSmMqLUighS5erBdsqG0PPrVosTELiy5z7n9VQ5TzjA&eitems=ChAIgJXMrgYQqeLk35-K7fsBEh0AodEqn0gb9pWaH0KyqT4DxH8Lmm_UDY_ByOdQzA&random=58714965&ipr=y Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H3 Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 19 Feb 2024 18:48:00 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/pagead/1p-conversion/944571482/?random=1377280529&cv=11&fst=1708368480591&bg=ffffff&guid=ON&async=1&gtm=45He42e0v77820236za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&label=xhjTCOLIsoAYENqItMID&hn=www.googleadservices.com&frm=0&tiba=Soutenez%20Vaincre%20la%20Mucoviscidose&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1688865869.1708368480&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=Ek9DaEVJZ0pYTXJnWVFpOXVEMU9ucjFvV2lBUkltQUFmT29LendGczVzRXo3Ri1pVjhESFRSSDRYeFpxMl80djNSSlVHX3YxcUhBSE9mN2tFGlhDaEFJZ0pYTXJnWVFvT2ljdUwtbi1PQjJFaTRBY0t6ajNnR25zRGdUVEd4Rzk1TjNGRWo2QTdYd2JNM3REN3hvQ1ZDbnk1cndGRncxWkhETHNvbHFncHFBIhMI6Ly9w4i4hAMVp15BAh2hdQybMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=YKLTZeiMKKe9hcIPoeux2Ak&cid=CAQSKQAvHhf_rI8D4zSmMqLUighS5erBdsqG0PPrVosTELiy5z7n9VQ5TzjA&eitems=ChAIgJXMrgYQqeLk35-K7fsBEh0AodEqn0gb9pWaH0KyqT4DxH8Lmm_UDY_ByOdQzA&random=58714965&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	10092765.json Show response s.yimg.com/wi/config/	2 B 485 B	497ms 430ms	XHR application/json	2a00:1288:80:807::2 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/wi/config/10092765.json Requested by Host: s.yimg.com URL: https://s.yimg.com/wi/ytc.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:01 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-request-id N8ASJAMRDCH4RNWK age 2 content-length 22 x-amz-id-2 QYgjVVomc4vZ2VYj65JZMgbQUeHeLEZBwD8/JrrGQtNq//J3b8JRnBvCa6DvViiAu0xD1c4h/hU= x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade server ATS expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control public,max-age=3600
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame C2FE	474 B 916 B	48ms 28ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ce1cd5e16604975942bf19eb9611a8aa2125910a465fc7568c4dfa6e04878f53 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:47:50 GMT via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload age 10 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 474 last-modified Fri, 16 Feb 2024 21:46:59 GMT server Cloudfront etag "d1edde64f83975f265a89edb525e8ecd" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes x-amz-cf-id MrSOArjEtcsE2RGL6pbMb4jGGbJZv2kBKt77ikRnS0Xnr9YKvDFbLg==
GET H2	200	fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Show response js.stripe.com/v3/fingerprinted/data/ Frame C2FE	160 KB 31 KB	45ms 33ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/data/fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 8e7485178640e388da56513a668c3383b982f4e0bc44adf12d090e18e1ac9aa0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:40:33 GMT content-encoding gzip via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 449 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:35 GMT server Cloudfront etag W/"1a3c8916aac1d5e81a4922f38a2d6b0b" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id FiLcPvDbk3zfeM_qyoxNyl1BQ0mFYT-JcMMz0hnd-_rewGCQMHwuMg==
GET H3	200	261670551360188 Show response connect.facebook.net/signals/config/	24 KB 3 KB	151ms 151ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/261670551360188?v=2.9.147&r=stable&domain=soutenir.vaincrelamuco.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C118%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C111%2C207%2C144%2C105%2C127%2C120%2C108 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4bf86f30edfed5161169c463ba8f37b5fdafa77453f481a21cc6e30305dadac7 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers permissions-policy-report-only clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 19 Feb 2024 18:48:01 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" pragma public x-fb-debug /ArDefh1Jd2dW2dTYKD/z+yx6Ebr1YF7Ip8+AGNOCTSa5h366oN3HhK312aLWDIYGwL0XxDIinqyPi/OOFDt2g== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	67ms 23ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=557230378270353&ev=PageView&dl=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&rl=&if=false&ts=1708368480870&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1708368480869.1292556816&cs_est=true&ler=empty&cdl=API_unavailable&it=1708368480602&coo=false&exp=e1&rqm=GET Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 19 Feb 2024 18:48:00 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 4E54	474 B 916 B	42ms 42ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ce1cd5e16604975942bf19eb9611a8aa2125910a465fc7568c4dfa6e04878f53 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:47:50 GMT via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload age 10 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 474 last-modified Fri, 16 Feb 2024 21:46:59 GMT server Cloudfront etag "d1edde64f83975f265a89edb525e8ecd" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes x-amz-cf-id qBXun81ldnWzBzgNpsB1E3JYGU_67C7omeLv-dRj2ra5C6GOMlqkjA==
GET H2	200	fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Show response js.stripe.com/v3/fingerprinted/data/ Frame 4E54	160 KB 31 KB	43ms 43ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/data/fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 8e7485178640e388da56513a668c3383b982f4e0bc44adf12d090e18e1ac9aa0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:40:33 GMT content-encoding gzip via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 449 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:35 GMT server Cloudfront etag W/"1a3c8916aac1d5e81a4922f38a2d6b0b" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id G7ms8Im2Iaf4TFzEWbPb3_aIS6BTIJUawsteOWOuYqG_0GcLqNz3Ng==
GET H2	200	/ Show response www.woopra.com/track/ce/	46 B 101 B	199ms 25ms	Script text/plain	162.55.95.216 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.woopra.com/track/ce/?project=vaincrelamuco.org&instance=woopra&meta=&screen=1600x1200&language=en-US&app=js-client&referer=&cookie=ZptC7CvkEoyR&event=pv&timeout=600000&idptnc=Sj7XgofuziKb&ce_url=%2Fdon%2F~mon-don%3F_cv%3D1&ce_title=Soutenez%20Vaincre%20la%20Mucoviscidose&ce_domain=soutenir.vaincrelamuco.org&ce_uri=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&ce_scroll%20depth=0.6166495375128469&ce_returning=false Requested by Host: static.woopra.com URL: https://static.woopra.com/js/w.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.55.95.216 Bergen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.216.95.55.162.clients.your-server.de Software / Resource Hash bbc16699cfa67079420912dc830a62d38298d652ad0ba25921d1a9bd27c3d850 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:01 GMT content-length 46
GET H2	200	CSR94z5ZnPydRjlCCwlKa8cv.woff2 fonts.gstatic.com/s/gothica1/v13/	14 KB 15 KB	74ms 24ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/gothica1/v13/CSR94z5ZnPydRjlCCwlKa8cv.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Gothic+A1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8d8018ef4bcb567a16fc02ba9e38b67db217953dd5a8f317e6f101f873dfad74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://soutenir.vaincrelamuco.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 14 Feb 2024 07:41:46 GMT x-content-type-options nosniff age 471975 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14808 x-xss-protection 0 last-modified Thu, 21 Apr 2022 16:26:49 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 13 Feb 2025 07:41:46 GMT
GET H2	200	fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Show response js.stripe.com/v3/fingerprinted/data/ Frame 5701	160 KB 31 KB	25ms 25ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/data/fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 8e7485178640e388da56513a668c3383b982f4e0bc44adf12d090e18e1ac9aa0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept application/json Referer https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:40:33 GMT content-encoding gzip via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 449 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:35 GMT server Cloudfront etag W/"1a3c8916aac1d5e81a4922f38a2d6b0b" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id H9tFRkKWRL_WEo4A4Bt5r1nhsPIAYdQP8IvkQ8fU5DPjkhrlXzD6CQ==
GET H2	200	fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Show response js.stripe.com/v3/fingerprinted/data/ Frame 5701	160 KB 31 KB	30ms 30ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/data/fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 8e7485178640e388da56513a668c3383b982f4e0bc44adf12d090e18e1ac9aa0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept application/json Referer https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:40:33 GMT content-encoding gzip via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 449 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:35 GMT server Cloudfront etag W/"1a3c8916aac1d5e81a4922f38a2d6b0b" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id YrKvAO6lvIU2DQrZw7VCxRvMo8fRpDDPdr8AHpX0pToWZ8-FY5TaGw==
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame C344	474 B 916 B	30ms 29ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ce1cd5e16604975942bf19eb9611a8aa2125910a465fc7568c4dfa6e04878f53 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:47:50 GMT via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload age 10 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 474 last-modified Fri, 16 Feb 2024 21:46:59 GMT server Cloudfront etag "d1edde64f83975f265a89edb525e8ecd" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes x-amz-cf-id g35UmSGI7axskLP6XIZkmYSzKFntQqkG5V91bo21tQAuJhHH3iYR5w==
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame C344	474 B 916 B	23ms 23ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ce1cd5e16604975942bf19eb9611a8aa2125910a465fc7568c4dfa6e04878f53 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/controller-0a00273a524e8a2bac761367150ab0df.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:47:50 GMT via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload age 10 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 474 last-modified Fri, 16 Feb 2024 21:46:59 GMT server Cloudfront etag "d1edde64f83975f265a89edb525e8ecd" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes x-amz-cf-id XI_Wfe1lPRsVw8DcnQ34YoycHGN0v9MWeJTo5wGtwLQMrYfOBrinhg==
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 54F2	474 B 917 B	29ms 29ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ce1cd5e16604975942bf19eb9611a8aa2125910a465fc7568c4dfa6e04878f53 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:47:50 GMT via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload age 10 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 474 last-modified Fri, 16 Feb 2024 21:46:59 GMT server Cloudfront etag "d1edde64f83975f265a89edb525e8ecd" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes x-amz-cf-id yNFkwyj3tPxybu1uqtKPpXSmxZVFf53yxXw2POSTPd4ug2fhoP8YDg==
GET H2	200	fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Show response js.stripe.com/v3/fingerprinted/data/ Frame 54F2	160 KB 31 KB	28ms 28ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/data/fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 8e7485178640e388da56513a668c3383b982f4e0bc44adf12d090e18e1ac9aa0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:40:33 GMT content-encoding gzip via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 449 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:35 GMT server Cloudfront etag W/"1a3c8916aac1d5e81a4922f38a2d6b0b" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id PFKYCj8urWEwXBohbM53G1_iJ8ocfZiUL_G0r-oIDNALgBlXvtAzVA==
GET H2	200	en.json Show response cdn.cookielaw.org/consent/58469545-63b4-4612-8357-1916861367c1/cbc89176-c900-4171-b43e-33b07ba6a950/	41 KB 11 KB	114ms 114ms	Fetch application/x-javascript	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/58469545-63b4-4612-8357-1916861367c1/cbc89176-c900-4171-b43e-33b07ba6a950/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b99e687570bb0a41cd58dece123a984d3ab9e4983a28c4362c6349fe822889a3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 19 Feb 2024 18:48:01 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status REVALIDATED strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 dhMFccoaSZleb283E+i6ow== content-length 11056 x-ms-lease-status unlocked last-modified Wed, 24 Jan 2024 16:11:28 GMT server cloudflare etag 0x8DC1CF71F43C854 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 398f64cf-801e-007c-3188-62177c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8580ae7e3b17bb65-FRA expires Tue, 20 Feb 2024 18:48:01 GMT
POST H2	200	wallet-config Show response merchant-ui-api.stripe.com/elements/ Frame 5701	3 KB 3 KB	616ms 522ms	Fetch application/json	198.137.150.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://merchant-ui-api.stripe.com/elements/wallet-config Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.137.150.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 66289b49754ffac68bda3dfafac85d06336d1a15c813bdefd33920fb31d57f8e Security Headers Name Value Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:48:01 GMT content-security-policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self' strict-transport-security max-age=63072000; includeSubDomains; preload cross-origin-resource-policy same-site content-length 2656 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx access-control-max-age 300 access-control-allow-methods GET, POST content-type application/json; charset=UTF-8 access-control-allow-origin https://js.stripe.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin access-control-allow-headers x-stripe-csrf-token cross-origin-opener-policy-report-only same-origin; report-to=https://q.stripe.com/coop-report expires 0
GET H2	200	CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.119.woff2 fonts.gstatic.com/s/gothica1/v13/	9 KB 9 KB	22ms 22ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/gothica1/v13/CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.119.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Gothic+A1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c2ef1fb8e14731044ec0ef5180e4252ce4620bab1fa108ce11907f64db95a8c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://soutenir.vaincrelamuco.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Tue, 13 Feb 2024 09:07:35 GMT x-content-type-options nosniff age 553226 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9340 x-xss-protection 0 last-modified Thu, 21 Apr 2022 16:27:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Feb 2025 09:07:35 GMT
POST H2	200	wallet-config Show response merchant-ui-api.stripe.com/elements/ Frame C344	3 KB 3 KB	355ms 267ms	Fetch application/json	198.137.150.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://merchant-ui-api.stripe.com/elements/wallet-config Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.137.150.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash ea1e12c399ecfe696f162ec6f3384d914cf044a3a44666848c40986e61c9b71e Security Headers Name Value Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:48:01 GMT content-security-policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self' strict-transport-security max-age=63072000; includeSubDomains; preload cross-origin-resource-policy same-site content-length 2656 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx access-control-max-age 300 access-control-allow-methods GET, POST content-type application/json; charset=UTF-8 access-control-allow-origin https://js.stripe.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin access-control-allow-headers x-stripe-csrf-token cross-origin-opener-policy-report-only same-origin; report-to=https://q.stripe.com/coop-report expires 0
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 274 B	787ms 389ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:01 GMT x-stripe-server-envoy-start-time-us 1708368481693486 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1708368481693208 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	788ms 391ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:01 GMT x-stripe-server-envoy-start-time-us 1708368481693939 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1708368481693440 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	785ms 389ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:01 GMT x-stripe-server-envoy-start-time-us 1708368481693199 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 6 x-stripe-client-envoy-start-time-us 1708368481692999 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	784ms 390ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:01 GMT x-stripe-server-envoy-start-time-us 1708368481693527 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 6 x-stripe-client-envoy-start-time-us 1708368481692903 access-control-allow-credentials true content-length 0
GET H2	200	.deploy_status_henson.json js.stripe.com/v3/ Frame 4E54	0 0	23ms 23ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:47:50 GMT via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload age 11 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 474 last-modified Fri, 16 Feb 2024 21:46:59 GMT server Cloudfront etag "d1edde64f83975f265a89edb525e8ecd" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes x-amz-cf-id 2sNHgVHMHm2tAIrBb4kisEa4I5nsj8ytzWqZ32IR6-F_2ZvVbRqyxQ==
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 274 B	968ms 588ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:01 GMT x-stripe-server-envoy-start-time-us 1708368481883773 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 12 x-stripe-client-envoy-start-time-us 1708368481883509 access-control-allow-credentials true content-length 0
GET H2	200	payframe Show response pay.google.com/gp/p/ui/ Frame F622	19 KB 8 KB	82ms 81ms	Document text/html	2a00:1450:400c:c09::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid= Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/js/pay.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 649818eb9e467a99dd5029ae8715aa8c11508b35a6ec56889dcf6ecfe9f9acfe Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-1JTknSPjsFqF8rxyF4-JOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=3600 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-1JTknSPjsFqF8rxyF4-JOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport content-type text/html; charset=utf-8 cross-origin-opener-policy same-origin cross-origin-resource-policy same-site date Mon, 19 Feb 2024 18:48:01 GMT expires Mon, 19 Feb 2024 18:48:01 GMT permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* reporting-endpoints default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtHikmLw0ZBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdFa-ddNZVYBYd_101lAgdkqfwRoExD71M1hjgFiIm-PhkXPr2AQWXN6qBwD9ezQr" server ESF strict-transport-security max-age=31536000 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-content-type-options nosniff x-ua-compatible IE=edge x-xss-protection 0
POST H2	200	b Show response r.stripe.com/ Frame C344	0 273 B	926ms 587ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:01 GMT x-stripe-server-envoy-start-time-us 1708368481884233 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1708368481883617 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame C344	0 273 B	914ms 577ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:01 GMT x-stripe-server-envoy-start-time-us 1708368481883956 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1708368481883739 access-control-allow-credentials true content-length 0
POST		b r.stripe.com/ Frame 4E54	0 0
GET		elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html js.stripe.com/v3/ Frame 5ABE	0 0
GET		elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html js.stripe.com/v3/ Frame DDB9	0 0
GET		elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html js.stripe.com/v3/ Frame A9D2	0 0
GET H2	200	elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Show response js.stripe.com/v3/ Frame EC6C	798 B 2 KB	29ms 29ms	Document text/html	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash a6f73db7f616f1a91fb80c5a0d1e6074dfdb60dc261acc30eacf01e3d3f25c3d Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://soutenir.vaincrelamuco.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 2167 cache-control max-age=31536000 content-length 798 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 18:11:58 GMT etag "c935e4865ee77cbad99943e1a92b43e6" last-modified Fri, 16 Feb 2024 21:04:33 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-amz-cf-id B8l33wka5xKxew6UgCFzldZKT3eQ6660iHMan5RtfIq9rN9Q7f26Qg== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Show response js.stripe.com/v3/ Frame 1361	798 B 2 KB	28ms 28ms	Document text/html	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash a6f73db7f616f1a91fb80c5a0d1e6074dfdb60dc261acc30eacf01e3d3f25c3d Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://soutenir.vaincrelamuco.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 2167 cache-control max-age=31536000 content-length 798 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 18:11:58 GMT etag "c935e4865ee77cbad99943e1a92b43e6" last-modified Fri, 16 Feb 2024 21:04:33 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-amz-cf-id vMJWONVxxvFqPKXmttbl6SmN_AvURIrby9l2F5PJzKIGzurfkacaUQ== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Show response js.stripe.com/v3/ Frame A473	798 B 2 KB	36ms 36ms	Document text/html	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash a6f73db7f616f1a91fb80c5a0d1e6074dfdb60dc261acc30eacf01e3d3f25c3d Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://soutenir.vaincrelamuco.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 2167 cache-control max-age=31536000 content-length 798 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 18:11:58 GMT etag "c935e4865ee77cbad99943e1a92b43e6" last-modified Fri, 16 Feb 2024 21:04:33 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-amz-cf-id a4_C_tsYONRR9wTdgpWrZ_ueJZmVum_zsYYBk6D8odwrGgD5WEvPHQ== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	890ms 578ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:01 GMT x-stripe-server-envoy-start-time-us 1708368481883373 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1708368481882955 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	890ms 580ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:01 GMT x-stripe-server-envoy-start-time-us 1708368481884060 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1708368481883576 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	891ms 583ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:01 GMT x-stripe-server-envoy-start-time-us 1708368481883579 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 6 x-stripe-client-envoy-start-time-us 1708368481883201 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	883ms 576ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:01 GMT x-stripe-server-envoy-start-time-us 1708368481882518 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1708368481882349 access-control-allow-credentials true content-length 0
GET H2	200	/ www.facebook.com/tr/	0 54 B	22ms 22ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=261670551360188&ev=PageView&dl=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&rl=&if=false&ts=1708368481103&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1708368480869.1292556816&cs_est=true&ler=empty&cdl=API_unavailable&it=1708368480602&coo=false&exp=e1&rqm=GET Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 19 Feb 2024 18:48:01 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	otFloatingRoundedCorner.json Show response cdn.cookielaw.org/scripttemplates/202401.1.0/assets/	10 KB 3 KB	62ms 62ms	Fetch application/json	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otFloatingRoundedCorner.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 19 Feb 2024 18:48:01 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 4DBGSTlfXMttx+/fSGW0Qg== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 2627 x-ms-lease-status unlocked last-modified Mon, 22 Jan 2024 07:01:53 GMT server cloudflare etag 0x8DC1B18038D4039 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 84dd7029-b01e-0015-5d91-612e30000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8580ae7efbdebb65-FRA
GET H2	200	otPcPanel.json Show response cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/	64 KB 13 KB	60ms 59ms	Fetch application/json	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/otPcPanel.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 97844014791e7702e498af1b54139d615fc5a34f9b47cca8dd9d3cce6f645bda Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 19 Feb 2024 18:48:01 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 aROp9sdxSlz5Zz9b3ZIIVA== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 12859 x-ms-lease-status unlocked last-modified Mon, 22 Jan 2024 07:01:54 GMT server cloudflare etag 0x8DC1B180401C2DD vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id e729632c-a01e-007b-0331-617b1f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8580ae7f0be1bb65-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202401.1.0/assets/	21 KB 4 KB	61ms 61ms	Fetch text/css	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 c7xAZ9MSGAobGaTYg/Qtag== x-ms-lease-status unlocked last-modified Mon, 22 Jan 2024 07:02:03 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id b34e3751-c01e-000f-3e3f-614fef000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8580ae7f0be3bb65-FRA
GET H2	200	shared-b79bc922ecf9d10dcf378fe9121cae3f.js Show response js.stripe.com/v3/fingerprinted/js/ Frame EC6C	535 KB 117 KB	33ms 33ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0825faf87032847ab5b1a095d37604180409e06068f52a2d96b6b170b8567b9c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:18:27 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2691 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:46 GMT server Cloudfront etag W/"92a5566719be4df4870e3176292f4dee" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id y3fT7VPfmxm-ltU3XvWxd3W4jZZbiIQsDmp355XPJQaopSsHhR5FbQ==
GET H2	200	ui-shared-12c66da9e927726c235aee1505af52e8.js Show response js.stripe.com/v3/fingerprinted/js/ Frame EC6C	420 KB 107 KB	31ms 31ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/ui-shared-12c66da9e927726c235aee1505af52e8.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0ee111e08533b93692681e38330813b7517ad66e5d03486baa9e978b380f98a4 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 17:49:20 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 3549 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:47 GMT server Cloudfront etag W/"26139c804892a7c4ba7cc44799daf1cc" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 3AEV4bf-XOy83PIYKpu2vUAESyNpCVbboiMlmsNt3u1NHTFl3FpM2A==
GET H2	200	elements-inner-card-52fc3d620abdb3dc0ac08161a25ae97a.js Show response js.stripe.com/v3/fingerprinted/js/ Frame EC6C	55 KB 15 KB	37ms 37ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-52fc3d620abdb3dc0ac08161a25ae97a.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ec57a4dbf2f5701d6dd2ea2544fbe32ad3f3ade01980b0911d4f62d3819de050 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:40:51 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 467 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:44 GMT server Cloudfront etag W/"76a59273fefa046fdd922cf394c4bcae" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id sHj8ydZVeCBLUWX0PqYX8PV-Hh-zeXAJg6UBwihRAALXETBdAQ4nRA==
GET H2	200	ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css js.stripe.com/v3/fingerprinted/css/ Frame EC6C	20 KB 4 KB	30ms 30ms	Stylesheet text/css	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:24:45 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 1425 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:34 GMT server Cloudfront etag W/"b361d7109e9925ca18e32c9da528520f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id Z2C1Kc7IF8kABUBiwEJa-2VJWt88e6_yDUA3qMBSXAoDMbkAazj05w==
GET H2	200	elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css js.stripe.com/v3/fingerprinted/css/ Frame EC6C	14 KB 2 KB	29ms 29ms	Stylesheet text/css	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:47:14 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 48 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:34 GMT server Cloudfront etag W/"87bf0041cf7ae5e77d770c423e25828a" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id beUS1QtxIosNIvxutEOPvWW-dlHKwmmsU_wXJ3lTFzNDUpR5O_FPCQ==
GET H2	200	shared-b79bc922ecf9d10dcf378fe9121cae3f.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 1361	535 KB 117 KB	55ms 54ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0825faf87032847ab5b1a095d37604180409e06068f52a2d96b6b170b8567b9c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:18:27 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2691 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:46 GMT server Cloudfront etag W/"92a5566719be4df4870e3176292f4dee" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 88or33P67_ZoIQZxw8roqaLKygGoOCipMYDtyXgvDNPoA40VjzYHJA==
GET H2	200	ui-shared-12c66da9e927726c235aee1505af52e8.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 1361	420 KB 107 KB	41ms 41ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/ui-shared-12c66da9e927726c235aee1505af52e8.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0ee111e08533b93692681e38330813b7517ad66e5d03486baa9e978b380f98a4 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 17:49:20 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 3549 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:47 GMT server Cloudfront etag W/"26139c804892a7c4ba7cc44799daf1cc" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id N67OIYqLDakYG7DNftHh5wXO3HOlJ3DdEAnZChxGnnR5V4ztFJjw7g==
GET H2	200	elements-inner-card-52fc3d620abdb3dc0ac08161a25ae97a.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 1361	55 KB 15 KB	35ms 35ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-52fc3d620abdb3dc0ac08161a25ae97a.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ec57a4dbf2f5701d6dd2ea2544fbe32ad3f3ade01980b0911d4f62d3819de050 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:40:51 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 467 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:44 GMT server Cloudfront etag W/"76a59273fefa046fdd922cf394c4bcae" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id GNs8I0foKnmWkbdGxZUEzSFTAeUpD3WXYztS9WnRA68GXXky5TZNSw==
GET H2	200	ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css js.stripe.com/v3/fingerprinted/css/ Frame 1361	20 KB 4 KB	36ms 36ms	Stylesheet text/css	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:24:45 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 1425 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:34 GMT server Cloudfront etag W/"b361d7109e9925ca18e32c9da528520f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 8G0kvov53-ff-rAimuOSI94SpScdPrDhue_a5qNAiGhzgCjtX57vzg==
GET H2	200	elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css js.stripe.com/v3/fingerprinted/css/ Frame 1361	14 KB 2 KB	35ms 35ms	Stylesheet text/css	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:47:14 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 48 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:34 GMT server Cloudfront etag W/"87bf0041cf7ae5e77d770c423e25828a" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id Z_3LnYXbdM8S5KVZOb8FAAtYto7gImzEOmKkvCx94sg7TAKR-L3r7A==
POST H2	200	csp-report q.stripe.com/ Frame EC6C	0 717 B	366ms 366ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481365223 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481364449 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame EC6C	0 717 B	393ms 393ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481366307 x-envoy-upstream-service-time 6 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 3 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481364450 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 1361	0 717 B	366ms 365ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481365608 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481364549 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 1361	0 717 B	393ms 393ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481366526 x-envoy-upstream-service-time 6 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 3 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481364649 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	shared-b79bc922ecf9d10dcf378fe9121cae3f.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A473	535 KB 117 KB	36ms 36ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0825faf87032847ab5b1a095d37604180409e06068f52a2d96b6b170b8567b9c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:18:27 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2691 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:46 GMT server Cloudfront etag W/"92a5566719be4df4870e3176292f4dee" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id AS7d4hEKiGom-SEjYbeL01WJAzQkYNL_B5dPo1dboyzHauqpIyxNTw==
GET H2	200	ui-shared-12c66da9e927726c235aee1505af52e8.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A473	420 KB 107 KB	39ms 39ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/ui-shared-12c66da9e927726c235aee1505af52e8.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 0ee111e08533b93692681e38330813b7517ad66e5d03486baa9e978b380f98a4 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 17:49:20 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 3549 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:47 GMT server Cloudfront etag W/"26139c804892a7c4ba7cc44799daf1cc" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id cnuG9W-JPoGi1bJvnFZNPSOhk6DdvaH4Lag6NEpGS0wuhL6KK16KlA==
GET H2	200	elements-inner-card-52fc3d620abdb3dc0ac08161a25ae97a.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A473	55 KB 15 KB	40ms 40ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-52fc3d620abdb3dc0ac08161a25ae97a.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ec57a4dbf2f5701d6dd2ea2544fbe32ad3f3ade01980b0911d4f62d3819de050 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:40:51 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 467 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:44 GMT server Cloudfront etag W/"76a59273fefa046fdd922cf394c4bcae" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id paNeAFqSE8oP74eH2e5YhuSf7aKbRYXcMu_askoXtrd0Sm7obNVMMQ==
GET H2	200	ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css js.stripe.com/v3/fingerprinted/css/ Frame A473	20 KB 4 KB	39ms 38ms	Stylesheet text/css	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:24:45 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 1425 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:34 GMT server Cloudfront etag W/"b361d7109e9925ca18e32c9da528520f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id NVXF9qa1ouKvexEsByFbyF1GJ_Bbteb50srDgO1xerfLKVqTRlCkpw==
GET H2	200	elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css js.stripe.com/v3/fingerprinted/css/ Frame A473	14 KB 2 KB	35ms 35ms	Stylesheet text/css	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:47:14 GMT content-encoding br via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 48 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:34 GMT server Cloudfront etag W/"87bf0041cf7ae5e77d770c423e25828a" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id boXnbNlq4HAUrZCi-ECQaluRcNy9tV749LEwnCqbSDQRG-BfK6sAyQ==
POST H2	200	csp-report q.stripe.com/ Frame A473	0 717 B	331ms 330ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481365126 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481364559 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame A473	0 717 B	370ms 370ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481365926 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481364667 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	m=_b,_tp Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame F622	157 KB 56 KB	75ms 22ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3ba25e3b25d77e28903b431c589f20ea5a41cf83251a40862247a7b01b4680a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 03:30:59 GMT content-encoding gzip x-content-type-options nosniff age 314222 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56840 x-xss-protection 0 last-modified Wed, 14 Feb 2024 08:05:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sat, 15 Feb 2025 03:30:59 GMT
POST H3	404	cspreport pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame F622	2 KB 2 KB	129ms 129ms	Other text/html	2a00:1450:400c:c09::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101 Request headers Referer https://pay.google.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT referrer-policy no-referrer alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1608 content-type text/html; charset=UTF-8
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame EC6C	474 B 917 B	32ms 32ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ce1cd5e16604975942bf19eb9611a8aa2125910a465fc7568c4dfa6e04878f53 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:47:50 GMT via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload age 11 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 474 last-modified Fri, 16 Feb 2024 21:46:59 GMT server Cloudfront etag "d1edde64f83975f265a89edb525e8ecd" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes x-amz-cf-id jyekWOeaymPtWUwcwZwNuGAVN9hDadTvifvjWKAiMH1jJCVjhFzXUw==
GET H2	200	fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Show response js.stripe.com/v3/fingerprinted/data/ Frame EC6C	160 KB 31 KB	27ms 26ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/data/fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 8e7485178640e388da56513a668c3383b982f4e0bc44adf12d090e18e1ac9aa0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:40:33 GMT content-encoding gzip via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 450 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:35 GMT server Cloudfront etag W/"1a3c8916aac1d5e81a4922f38a2d6b0b" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id IXIyWVLIR9dnRHMtKeBJWH4xLRieroy1MQxnNp9Myv0aLCXXqRFZ4Q==
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame EC6C	474 B 916 B	26ms 25ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ce1cd5e16604975942bf19eb9611a8aa2125910a465fc7568c4dfa6e04878f53 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:47:50 GMT via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload age 11 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 474 last-modified Fri, 16 Feb 2024 21:46:59 GMT server Cloudfront etag "d1edde64f83975f265a89edb525e8ecd" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes x-amz-cf-id j7jvK3cn2VRu0mUlZ9Fbd0yqwDiQnheOq3E6UUOX6oiv12P3b4hyyQ==
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame A473	474 B 916 B	24ms 24ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ce1cd5e16604975942bf19eb9611a8aa2125910a465fc7568c4dfa6e04878f53 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:47:50 GMT via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload age 11 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 474 last-modified Fri, 16 Feb 2024 21:46:59 GMT server Cloudfront etag "d1edde64f83975f265a89edb525e8ecd" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes x-amz-cf-id wKNZD2Z4lCtnsBbzbCqDSrcifLhDZxq_XQKmYFAlQ0W5cIh0keidIg==
GET H2	200	fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Show response js.stripe.com/v3/fingerprinted/data/ Frame A473	160 KB 31 KB	27ms 27ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/data/fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 8e7485178640e388da56513a668c3383b982f4e0bc44adf12d090e18e1ac9aa0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:40:33 GMT content-encoding gzip via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 450 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:35 GMT server Cloudfront etag W/"1a3c8916aac1d5e81a4922f38a2d6b0b" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 9iRkahZ5NPexX4iUmeaBttIVxX7k75jtU7mgcH_OhRsZipJybsjWow==
GET H2	200	ot_guard_logo.svg Show response cdn.cookielaw.org/logos/static/	497 B 488 B	51ms 51ms	Fetch image/svg+xml	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 tXyZydHjxQshFMbbBT1/8A== x-ms-lease-status unlocked last-modified Thu, 15 Feb 2024 13:37:50 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 5a978cf4-901e-0084-2cb6-604b82000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8580ae7f9c7dbb65-FRA
GET H2	200	Logo_VLM@2x.png cdn.cookielaw.org/logos/31540f04-d82b-40ab-95f7-4103f35f6d52/1d16f091-0934-4e00-97fd-89aef8caa165/90945b91-7647-4fca-994b-6d9f3214dc43/	49 KB 49 KB	36ms 35ms	Image image/png	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/31540f04-d82b-40ab-95f7-4103f35f6d52/1d16f091-0934-4e00-97fd-89aef8caa165/90945b91-7647-4fca-994b-6d9f3214dc43/Logo_VLM@2x.png Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51f0b12c86dcc52ccf1148f7077020c338353ead959833233d9e47025bd494af Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 X12PaUzpXf5ASHfRz5jCDw== age 12669 content-length 50438 x-ms-lease-status unlocked last-modified Wed, 03 Jan 2024 18:12:22 GMT server cloudflare etag 0x8DC0C87884277C4 vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 0339d42e-b01e-0015-464a-4d2e30000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8580ae7faa4b65a4-FRA
GET H2	200	Logo_VLM@2x.png cdn.cookielaw.org/logos/31540f04-d82b-40ab-95f7-4103f35f6d52/1d16f091-0934-4e00-97fd-89aef8caa165/a135e64b-84c8-4d73-b40f-bd4f1979b697/	49 KB 49 KB	39ms 38ms	Image image/png	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/31540f04-d82b-40ab-95f7-4103f35f6d52/1d16f091-0934-4e00-97fd-89aef8caa165/a135e64b-84c8-4d73-b40f-bd4f1979b697/Logo_VLM@2x.png Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51f0b12c86dcc52ccf1148f7077020c338353ead959833233d9e47025bd494af Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 X12PaUzpXf5ASHfRz5jCDw== age 12669 content-length 50438 x-ms-lease-status unlocked last-modified Wed, 03 Jan 2024 18:12:22 GMT server cloudflare etag 0x8DC0C8788313C2D vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 602bbf80-301e-001b-6d4a-4d0780000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 8580ae7faa4d65a4-FRA
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	31ms 30ms	Image image/svg+xml	2606:4700::6812:82ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 Y+c301RBZNK39PvKQWrIBw== age 43209 x-ms-lease-status unlocked last-modified Mon, 19 Feb 2024 02:25:00 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id d9b6c12d-601e-0039-64e7-62c29f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 8580ae7faa4e65a4-FRA
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 1361	474 B 917 B	24ms 24ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ce1cd5e16604975942bf19eb9611a8aa2125910a465fc7568c4dfa6e04878f53 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:47:50 GMT via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload age 11 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 474 last-modified Fri, 16 Feb 2024 21:46:59 GMT server Cloudfront etag "d1edde64f83975f265a89edb525e8ecd" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes x-amz-cf-id 24htZabVuwhbfHvItKqaD7PDJkzyyzA9DdkrwCVpddh7ZkC-L2rxQQ==
GET H2	200	fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Show response js.stripe.com/v3/fingerprinted/data/ Frame 1361	160 KB 31 KB	27ms 27ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/data/fr-1a3c8916aac1d5e81a4922f38a2d6b0b.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 8e7485178640e388da56513a668c3383b982f4e0bc44adf12d090e18e1ac9aa0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:40:33 GMT content-encoding gzip via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 450 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 16 Feb 2024 21:04:35 GMT server Cloudfront etag W/"1a3c8916aac1d5e81a4922f38a2d6b0b" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id tUf742JiLucQaGEkkt1hMF4ktsx6TvZKmBIXG4G3ntu4iodXZfYQEA==
GET H2	200	m=Das5Le Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame F622	75 KB 27 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhP0P9S7TeMd2UJcqW0S4QyfEMT3A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6d85b4e93245e49003b3ec3076c49380f50ff20cbf81d6ee948ba3ef81ce4002 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 14 Feb 2024 17:37:17 GMT content-encoding gzip x-content-type-options nosniff age 436244 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27796 x-xss-protection 0 last-modified Tue, 30 Jan 2024 14:10:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 13 Feb 2025 17:37:17 GMT
GET H2	200	sp.pl sp.analytics.yahoo.com/	43 B 633 B	156ms 49ms	Image image/gif	212.82.100.181 YAHOO-IRD
General Check archive.org Show headers Download Go to Show image Full URL https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2019%20Feb%202024%2018%3A48%3A01%20GMT&n=-1&b=Soutenez%20Vaincre%20la%20Mucoviscidose&.yp=10092765&f=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&enc=UTF-8&yv=1.15.1&tagmgr=gtm Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB), Reverse DNS spdc.pbp.vip.ir2.yahoo.com Software ATS / Resource Hash 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39 Security Headers Name Value Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY content-type image/gif cache-control no-cache, private, must-revalidate accept-ranges bytes content-length 43 expires Mon, 19 Feb 2024 18:48:01 GMT
POST H2	200	b Show response r.stripe.com/ Frame C344	0 273 B	621ms 580ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:01 GMT x-stripe-server-envoy-start-time-us 1708368481884125 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1708368481883827 access-control-allow-credentials true content-length 0
GET H3	200	pay Show response pay.google.com/gp/p/ui/ Frame F622	1 MB 376 KB	87ms 87ms	XHR text/html	2a00:1450:400c:c09::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/pay Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c704a13da1724a86570216064177d4b70b4ebf2c988c2e052c4550a83f1f7c08 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-i_P0wJ0rTVPDscZWzu74OQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=31536000 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-i_P0wJ0rTVPDscZWzu74OQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport x-content-type-options nosniff cross-origin-resource-policy same-site alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtHikmLw0ZBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdFa-ddNZVYBYd_101lAgdkqfwRoExD71M1hjgFiIh-PhkXPr2ARe9P4_zwgANDM1Gg" x-ua-compatible IE=edge accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy unsafe-none server ESF x-frame-options DENY vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 cache-control private, max-age=3600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 19 Feb 2024 18:48:01 GMT
GET H3	200	m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame F622	10 KB 4 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhP0P9S7TeMd2UJcqW0S4QyfEMT3A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1aaf60a81d664d1aeeeffcc14a9a5f3d058cccd37a689c66d2c5a480cba6a243 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Thu, 15 Feb 2024 17:34:54 GMT content-encoding gzip x-content-type-options nosniff age 349987 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4134 x-xss-protection 0 last-modified Tue, 30 Jan 2024 14:10:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Fri, 14 Feb 2025 17:34:54 GMT
GET H3	200	m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame F622	37 KB 14 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhP0P9S7TeMd2UJcqW0S4QyfEMT3A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 428573ea8d471499c805dc4fc7642dbfe3a40db95c425099583fe10ee39b1bbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 14 Feb 2024 17:37:17 GMT content-encoding gzip x-content-type-options nosniff age 436244 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14367 x-xss-protection 0 last-modified Tue, 30 Jan 2024 14:10:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 13 Feb 2025 17:37:17 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	102ms 51ms	Preflight text/plain	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/plain; charset=UTF-8 date Mon, 19 Feb 2024 18:48:01 GMT server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame F622	131 B 155 B	126ms 81ms	XHR text/plain	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Mon, 19 Feb 2024 18:48:01 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 19 Feb 2024 18:48:01 GMT
POST H3	200	log Show response play.google.com/ Frame F622	131 B 155 B	133ms 88ms	XHR text/plain	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Mon, 19 Feb 2024 18:48:01 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 19 Feb 2024 18:48:01 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	101ms 52ms	Preflight text/plain	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/plain; charset=UTF-8 date Mon, 19 Feb 2024 18:48:01 GMT server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
OPTIONS H2	200	log play.google.com/ Frame	0 0	101ms 53ms	Preflight text/plain	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/plain; charset=UTF-8 date Mon, 19 Feb 2024 18:48:01 GMT server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame F622	131 B 155 B	131ms 89ms	XHR text/plain	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Mon, 19 Feb 2024 18:48:01 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 19 Feb 2024 18:48:01 GMT
POST H3	200	log Show response play.google.com/ Frame F622	131 B 155 B	126ms 85ms	XHR text/plain	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Mon, 19 Feb 2024 18:48:01 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 19 Feb 2024 18:48:01 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	100ms 54ms	Preflight text/plain	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/plain; charset=UTF-8 date Mon, 19 Feb 2024 18:48:01 GMT server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame F622	131 B 155 B	125ms 83ms	XHR text/plain	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Mon, 19 Feb 2024 18:48:01 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 19 Feb 2024 18:48:01 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	99ms 53ms	Preflight text/plain	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/plain; charset=UTF-8 date Mon, 19 Feb 2024 18:48:01 GMT server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame F622	131 B 155 B	124ms 83ms	XHR text/plain	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Mon, 19 Feb 2024 18:48:01 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 19 Feb 2024 18:48:01 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	97ms 53ms	Preflight text/plain	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/plain; charset=UTF-8 date Mon, 19 Feb 2024 18:48:01 GMT server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
GET H2	200	pay_google_full_size.svg soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/assets/payment_title/	1 KB 898 B	115ms 115ms	Image image/svg+xml	2600:9000:266e:5400:1:55b:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/assets/payment_title/pay_google_full_size.svg Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:266e:5400:1:55b:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 3bb8e18a44fe8e3e00cc762e041d7f1c0be38dedc05f0a91be7c2738d510d3be Request headers Referer https://soutenir.vaincrelamuco.org/themes/default/arya/dist/v3.7/arya.css?v=23103 Origin https://soutenir.vaincrelamuco.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:01 GMT content-encoding gzip via 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront) last-modified Wed, 17 Jan 2024 07:26:58 GMT server nginx x-amz-cf-pop FRA56-P8 etag W/"65a78142-44e" vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml x-amz-cf-id m4Szve_HfGntJW2RIDelc1KtI7xa7U7Oua77DjhVHxTXvNNENYX3sw==
POST H2	200	b Show response r.stripe.com/ Frame C344	0 273 B	579ms 398ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:01 GMT x-stripe-server-envoy-start-time-us 1708368481884533 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 6 x-stripe-client-envoy-start-time-us 1708368481883931 access-control-allow-credentials true content-length 0
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response js.stripe.com/v3/ Frame 51DE	200 B 1 KB	56ms 56ms	Document text/html	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://soutenir.vaincrelamuco.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 138 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 18:45:50 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Fri, 16 Feb 2024 21:04:47 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-amz-cf-id R9jEr3vuVPBAzZ4Zbzrep5n_doRYFiwEbPUPjrDLPgAad5OE89XrOA== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	/ Show response match.adsrvr.org/track/upb/ Frame 1ECA Redirect Chain https://insight.adsrvr.org/track/up?adv=7r3i200&ref=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&upid=s5nj3b5&upv=1.1.0 https://match.adsrvr.org/track/upb/?adv=7r3i200&ref=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&upid=s5nj3b5&upv=1.1.0	0 59 B	48ms 47ms	Document text/html	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/upb/?adv=7r3i200&ref=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&upid=s5nj3b5&upv=1.1.0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://soutenir.vaincrelamuco.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-length 0 content-type text/html date Mon, 19 Feb 2024 18:48:01 GMT server Kestrel Redirect headers content-length 335 date Mon, 19 Feb 2024 18:48:01 GMT location https://match.adsrvr.org/track/upb/?adv=7r3i200&ref=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&upid=s5nj3b5&upv=1.1.0 server Kestrel
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/	79 KB 25 KB	293ms 26ms	Script text/javascript	2600:9000:2104:5200:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/roundtrip.js Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:5200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 17d37b6f592073c33c0d1e5ed16e73bb567795943f601fe1b9926b81ee15cf54 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers X-Amz-Version-Id IeSlriXEeBROoBlR3IYMiFwvNk5apJzI Content-Encoding gzip Via 1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront) Date Mon, 19 Feb 2024 18:23:19 GMT Age 1484 X-Amz-Cf-Pop AMS1-C1 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Thu, 15 Feb 2024 16:05:28 GMT Server AmazonS3 Etag W/"4698737c535c78ecaf11baaa0ab4db84" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Access-Control-Allow-Headers * X-Amz-Cf-Id NW8l_xkln2jd8FoCsL24VBqpHpeRAC5nq5X4tahMlecWWzYokhMlnw==
GET H2	200	m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 51DE	526 B 1 KB	36ms 35ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:45:47 GMT via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31556926; includeSubDomains; preload age 136 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 526 last-modified Fri, 16 Feb 2024 21:04:46 GMT server Cloudfront etag "d96c709017743c0759cf3853d1806ba5" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-amz-cf-id dlE9if1N6NJ7tAEzOz-X6WZDlM7b87QTr_gLfPg_NtteIKG4D70h7g==
POST H2	200	csp-report q.stripe.com/ Frame 51DE	0 717 B	195ms 194ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481689401 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481688809 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 51DE	0 717 B	193ms 193ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481689835 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481688847 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	hcaptcha-invisible-9d57d2cdc74d0f766c81cfefc1ae38db.html Show response js.stripe.com/v3/ Frame 04D5	71 KB 24 KB	37ms 37ms	Document text/html	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/hcaptcha-invisible-9d57d2cdc74d0f766c81cfefc1ae38db.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 2f124b7026d70cee5f65c60247292a90bb162b5b6fc05c97a8c79edab6327b5f Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-3vrh+1gdKQ/ecxxVNMX2aCzVn3yKNBSpgW5xE9h9/t0='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * age 184 cache-control max-age=31536000 content-encoding br content-security-policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-3vrh+1gdKQ/ecxxVNMX2aCzVn3yKNBSpgW5xE9h9/t0='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 18:45:06 GMT etag W/"9d57d2cdc74d0f766c81cfefc1ae38db" last-modified Fri, 16 Feb 2024 21:04:47 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-amz-cf-id 7pNvMNiZDF7K-l_MtTOozWIQRKuIbwD1uwG9ljkvu0ecRuXl-wDb4A== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	inner.html Show response m.stripe.network/ Frame D657	930 B 2 KB	247ms 26ms	Document text/html	99.86.4.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-50.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 270 cache-control max-age=300, public content-length 930 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 18:43:32 GMT etag "06bfcd88af438673a8bf9b845a11aa6e" last-modified Fri, 30 Jun 2023 14:32:28 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding, Origin via 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront) x-amz-cf-id hnLKt9BMSI5PrwJQcwQSyM5qSe1rxvwIt3crLVmpGmsayMINgaNdrw== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	201ms 200ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:01 GMT x-stripe-server-envoy-start-time-us 1708368481893007 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 7 x-stripe-client-envoy-start-time-us 1708368481892376 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	380ms 380ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT x-stripe-server-envoy-start-time-us 1708368482073268 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 6 x-stripe-client-envoy-start-time-us 1708368482072803 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	378ms 378ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT x-stripe-server-envoy-start-time-us 1708368482073411 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 6 x-stripe-client-envoy-start-time-us 1708368482073110 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	379ms 379ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT x-stripe-server-envoy-start-time-us 1708368482073942 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 7 x-stripe-client-envoy-start-time-us 1708368482073464 access-control-allow-credentials true content-length 0
POST H2	200	csp-report q.stripe.com/ Frame 04D5	0 717 B	194ms 193ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481940802 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1708368481940167 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 04D5	474 B 916 B	43ms 42ms	Fetch application/json	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/hcaptcha-invisible-9d57d2cdc74d0f766c81cfefc1ae38db.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash ce1cd5e16604975942bf19eb9611a8aa2125910a465fc7568c4dfa6e04878f53 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/hcaptcha-invisible-9d57d2cdc74d0f766c81cfefc1ae38db.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:47:50 GMT via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload age 11 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 474 last-modified Fri, 16 Feb 2024 21:46:59 GMT server Cloudfront etag "d1edde64f83975f265a89edb525e8ecd" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes x-amz-cf-id csbcNPvj4OGBlHd41DIQR17Ng82Yg7RvkwHYCKdgkJboeLbzfOZtaw==
GET H2	200	HCaptchaInvisible.html Show response b.stripecdn.com/stripethirdparty-srv/assets/v20.17/ Frame AE26	419 B 1 KB	158ms 28ms	Document text/html	2600:9000:20b4:2c00:b:1d09:f200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b.stripecdn.com/stripethirdparty-srv/assets/v20.17/HCaptchaInvisible.html?id=16ed58e9-a9b5-4657-b759-e143cb698e9f&origin=https%3A%2F%2Fjs.stripe.com Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/hcaptcha-invisible-9d57d2cdc74d0f766c81cfefc1ae38db.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20b4:2c00:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cloudfront / Resource Hash c64a6e5cd18f4259ba04815cf49fc93b4a6e7d9eb5d27e003246cd19ed1cfa22 Security Headers Name Value Content-Security-Policy base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; object-src 'none'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 17 cache-control max-age=60, stale-while-revalidate=900 content-length 419 content-security-policy base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; object-src 'none'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 18:47:45 GMT etag "732c33dbd0eb337f5891ab03521f3395" last-modified Thu, 15 Feb 2024 18:31:17 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding,Origin via 1.1 8a7f46625ae5030a73c5c8ce2b546002.cloudfront.net (CloudFront) x-amz-cf-id cvj6htFVAw35zq5duqJ2XAVeKiLKAa5rbMUlXMI8T8NNf0Zv_k25Qw== x-amz-cf-pop AMS58-P4 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	200	csp-report q.stripe.com/ Frame D657	0 491 B	194ms 194ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:01 GMT strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368481976059 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin x-stripe-server-envoy-upstream-service-time-ms 0 x-stripe-client-envoy-start-time-us 1708368481975201 cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none expires 0
GET H2	200	out-4.5.43.js Show response m.stripe.network/ Frame D657	87 KB 14 KB	37ms 36ms	Script text/javascript	99.86.4.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.43.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-50.fra6.r.cloudfront.net Software Cloudfront / Resource Hash e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:43:58 GMT content-encoding br via 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload last-modified Fri, 30 Jun 2023 14:32:28 GMT server Cloudfront age 244 x-content-type-options nosniff etag W/"69cb7809b5011312e716f29b3d19dce6" x-amz-cf-pop FRA6-C1 vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 cache-control max-age=300, public x-amz-cf-id JZN78FL_x5U2kSVNFDTTQ9iIKVYvpSfxlwCeYlnEKReCo8xCPfxRXg==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/ Redirect Chain https://s.adroll.com/j/pre/F736O2VEFJBHXO46DQ7G4W/MC3B6OKCHREPNBHZWN27T2/fpconsent.js https://s.adroll.com/j/pre/index.js	0 755 B	53ms 26ms	Script application/javascript	2600:9000:2104:5200:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/index.js Protocol HTTP/1.1 Server 2600:9000:2104:5200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers X-Amz-Version-Id nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy Date Mon, 19 Feb 2024 07:02:03 GMT Via 1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront) Age 42370 X-Amz-Cf-Pop AMS1-C1 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Wed, 15 Jan 2020 23:54:18 GMT Server AmazonS3 Etag "d41d8cd98f00b204e9800998ecf8427e" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Max-Age 600 Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id x8_R_VAtJVb4paNWKDw78NT8zaCvzteHZslR5Gbg6zov0SyJTJKgLQ== Redirect headers Date Sun, 18 Feb 2024 20:03:34 GMT Via 1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront) Age 81867 X-Amz-Cf-Pop AMS1-C1 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Server AmazonS3 Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Location https://s.adroll.com/j/pre/index.js Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Access-Control-Allow-Headers * X-Amz-Cf-Id 4zjv_J-PcsNhFzaH0vqcP9HC93LoxNjzt73zwAePrIKNxiY8lqrcnA==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/F736O2VEFJBHXO46DQ7G4W/MC3B6OKCHREPNBHZWN27T2/	0 808 B	53ms 26ms	Script text/javascript	2600:9000:2104:5200:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/F736O2VEFJBHXO46DQ7G4W/MC3B6OKCHREPNBHZWN27T2/index.js Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:5200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers X-Amz-Version-Id xsNrf6ul5p6GqRu1OCad9YxwmRpCxlTH Date Mon, 19 Feb 2024 18:34:23 GMT Via 1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront) Age 3067 X-Amz-Cf-Pop AMS1-C1 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Sat, 17 Feb 2024 11:43:53 GMT Server AmazonS3 Etag "d41d8cd98f00b204e9800998ecf8427e" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id 58mBPiQVQNbLjbewPQkbkeLMZFEtCUBpAOGUQrTxutp9KOrG5pW8zQ==
POST H2	200	6 Show response m.stripe.com/ Frame D657	156 B 669 B	573ms 191ms	XHR application/json	44.241.26.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.26.175 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-26-175.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b87e32468b85f1e6d39463189aea768a054db79223ecaa97e699dc2308800116 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368482438453 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1708368482438128 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	197ms 197ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT x-stripe-server-envoy-start-time-us 1708368482080688 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1708368482080463 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	198ms 197ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT x-stripe-server-envoy-start-time-us 1708368482082424 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1708368482081943 access-control-allow-credentials true content-length 0
GET H2	200	F736O2VEFJBHXO46DQ7G4W Show response d.adroll.com/consent/check/	546 B 1 KB	158ms 48ms	Script application/javascript	2a05:d018:cc3:fe04:b6ab:4de7:5d27:f839 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/F736O2VEFJBHXO46DQ7G4W?pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&_s=1113b3a031f732ea4f5e6d2611695400&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:cc3:fe04:b6ab:4de7:5d27:f839 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.1 / Resource Hash 51f2ca229da9ff0a8e5705a295c5445187f0af312f55ad9bb9c27f26fb1a7c94 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers content-type application/javascript pragma no-cache date Mon, 19 Feb 2024 18:48:02 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 546 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	197ms 197ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT x-stripe-server-envoy-start-time-us 1708368482085661 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1708368482085255 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	200ms 198ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT x-stripe-server-envoy-start-time-us 1708368482094097 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1708368482093707 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	200ms 198ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT x-stripe-server-envoy-start-time-us 1708368482094133 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1708368482093792 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	200ms 199ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT x-stripe-server-envoy-start-time-us 1708368482115979 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 6 x-stripe-client-envoy-start-time-us 1708368482115364 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame C344	0 273 B	198ms 197ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT x-stripe-server-envoy-start-time-us 1708368482170544 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1708368482169897 access-control-allow-credentials true content-length 0
GET H2	200	api.js Show response hcaptcha.com/1/ Frame AE26	376 KB 107 KB	106ms 44ms	Script application/javascript	104.19.218.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit Requested by Host: b.stripecdn.com URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.17/HCaptchaInvisible.html?id=16ed58e9-a9b5-4657-b759-e143cb698e9f&origin=https%3A%2F%2Fjs.stripe.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e371afad4e5536dc457e1940102546d5f8e551e63c740bd9915d40356ac58b5b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://b.stripecdn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding br x-content-type-options nosniff x-amz-version-id rjVS9sevkcKeW8_gGBrXjQIgJU7A_CVx age 0 x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Thu, 15 Feb 2024 13:51:34 GMT server cloudflare etag W/"696df03892cbf3c70b8697584166587e" vary Accept-Encoding content-type application/javascript cache-control max-age=300 cf-ray 8580ae856d2565c0-FRA x-amz-cf-id wnP9TJ7q58AUGfyh0WS23Anos9wQXTCIstSF0lwSktgE3iDMzqx9Sg==
GET H2	200	vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~35711e2c.2a2d58b91c6acfc1f9d8.bundle.js Show response b.stripecdn.com/stripethirdparty-srv/assets/v20.17/ Frame AE26	114 KB 35 KB	31ms 31ms	Script text/javascript	2600:9000:20b4:2c00:b:1d09:f200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b.stripecdn.com/stripethirdparty-srv/assets/v20.17/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~35711e2c.2a2d58b91c6acfc1f9d8.bundle.js Requested by Host: b.stripecdn.com URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.17/HCaptchaInvisible.html?id=16ed58e9-a9b5-4657-b759-e143cb698e9f&origin=https%3A%2F%2Fjs.stripe.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20b4:2c00:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cloudfront / Resource Hash 39253e0583d87f1e4da4c9028eb3112b1218fe79ee1a9df1d86560a43887615f Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://b.stripecdn.com/stripethirdparty-srv/assets/v20.17/HCaptchaInvisible.html?id=16ed58e9-a9b5-4657-b759-e143cb698e9f&origin=https%3A%2F%2Fjs.stripe.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Mon, 19 Feb 2024 17:55:59 GMT via 1.1 8a7f46625ae5030a73c5c8ce2b546002.cloudfront.net (CloudFront) age 3124 x-amz-cf-pop AMS58-P4 x-cache Hit from cloudfront last-modified Thu, 15 Feb 2024 18:31:18 GMT server Cloudfront etag W/"c0b2851b03eedaa4c74c6fb16a7223dc" vary Accept-Encoding,Origin content-type text/javascript; charset=utf-8 cache-control max-age=31536000, public timing-allow-origin * x-amz-cf-id YAu4NpOwTJi0pvdTFVSaO0nthOQYQb5SKs2ru7MFlFZJgydiCe05ng==
GET H2	200	HCaptchaInvisible.f76df6e906382568d06d.bundle.js Show response b.stripecdn.com/stripethirdparty-srv/assets/v20.17/ Frame AE26	17 KB 7 KB	52ms 52ms	Script text/javascript	2600:9000:20b4:2c00:b:1d09:f200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b.stripecdn.com/stripethirdparty-srv/assets/v20.17/HCaptchaInvisible.f76df6e906382568d06d.bundle.js Requested by Host: b.stripecdn.com URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.17/HCaptchaInvisible.html?id=16ed58e9-a9b5-4657-b759-e143cb698e9f&origin=https%3A%2F%2Fjs.stripe.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20b4:2c00:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cloudfront / Resource Hash 5875aa9b6e08289882f785ca5b8faf742835cae993da615fdda385ba5e270077 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://b.stripecdn.com/stripethirdparty-srv/assets/v20.17/HCaptchaInvisible.html?id=16ed58e9-a9b5-4657-b759-e143cb698e9f&origin=https%3A%2F%2Fjs.stripe.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Mon, 19 Feb 2024 18:07:27 GMT via 1.1 8a7f46625ae5030a73c5c8ce2b546002.cloudfront.net (CloudFront) age 2436 x-amz-cf-pop AMS58-P4 x-cache Hit from cloudfront last-modified Thu, 15 Feb 2024 18:31:17 GMT server Cloudfront etag W/"0a7c763d1eb46a040661b9704dc9d1bf" vary Accept-Encoding,Origin content-type text/javascript; charset=utf-8 cache-control max-age=31536000, public timing-allow-origin * x-amz-cf-id jFhc8cNW2UsGAzG-b597DWXVq85jKfwi-Z2DW2c2Eg3NJQlJvdPESA==
POST H2	200	csp-report q.stripe.com/ Frame AE26	0 491 B	196ms 194ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: soutenir.vaincrelamuco.org URL: https://soutenir.vaincrelamuco.org/don/~mon-don?_cv=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://b.stripecdn.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 19 Feb 2024 18:48:02 GMT strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368482183224 x-envoy-upstream-service-time 3 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin x-stripe-server-envoy-upstream-service-time-ms 0 x-stripe-client-envoy-start-time-us 1708368482182125 cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none expires 0
GET H/1.1	200 OK	FM5THSBY4ZFUBIXLUZAWG3.js Show response s.adroll.com/pixel/F736O2VEFJBHXO46DQ7G4W/MC3B6OKCHREPNBHZWN27T2/ Redirect Chain https://d.adroll.com/pixel/F736O2VEFJBHXO46DQ7G4W/MC3B6OKCHREPNBHZWN27T2?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.o... https://s.adroll.com/pixel/F736O2VEFJBHXO46DQ7G4W/MC3B6OKCHREPNBHZWN27T2/FM5THSBY4ZFUBIXLUZAWG3.js	4 KB 2 KB	618ms 618ms	Script text/javascript	2600:9000:2104:5200:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/pixel/F736O2VEFJBHXO46DQ7G4W/MC3B6OKCHREPNBHZWN27T2/FM5THSBY4ZFUBIXLUZAWG3.js Protocol HTTP/1.1 Server 2600:9000:2104:5200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2032b2615b3125acaf1fd278057b98fbec012b1cd2010fc36af624c7bf944f42 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers X-Amz-Version-Id jjNUdD80MqgLAKmzKTadscu545Dk6ofl Content-Encoding gzip Via 1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront) Date Mon, 19 Feb 2024 18:48:03 GMT X-Amz-Cf-Pop AMS1-C1 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache RefreshHit from cloudfront Connection keep-alive Last-Modified Thu, 28 Dec 2023 03:35:43 GMT Server AmazonS3 Etag W/"1a2df22e144427aec69a02352e36dbe5" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Access-Control-Allow-Headers * X-Amz-Cf-Id 4G0fNIM0IYexnqhveP2_f6kkTV0oH36cdSGNVf_Jw9UlrBK7Pn_z3g== Redirect headers date Mon, 19 Feb 2024 18:48:02 GMT x-segment-display-name Page dons - Visiteurs p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" x-rule-type s content-length 0 pragma no-cache x-conversion-value 0.00 server nginx/1.22.1 x-rule *soutenir.vaincrelamuco.org/* x-segment-eid FM5THSBY4ZFUBIXLUZAWG3 location https://s.adroll.com/pixel/F736O2VEFJBHXO46DQ7G4W/MC3B6OKCHREPNBHZWN27T2/FM5THSBY4ZFUBIXLUZAWG3.js cache-control no-store, no-cache, must-revalidate x-pixel-eid MC3B6OKCHREPNBHZWN27T2 x-segment-name 8d0ab62a x-advertisable-eid F736O2VEFJBHXO46DQ7G4W x-conversion-currency EUR
GET H2	200	MC3B6OKCHREPNBHZWN27T2 ipv4.d.adroll.com/px4/F736O2VEFJBHXO46DQ7G4W/	42 B 176 B	178ms 47ms	Image image/gif	52.18.219.229 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ipv4.d.adroll.com/px4/F736O2VEFJBHXO46DQ7G4W/MC3B6OKCHREPNBHZWN27T2?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&cookie=&adroll_s_ref=&keyw=&p0=2193 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.219.229 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-219-229.eu-west-1.compute.amazonaws.com Software nginx/1.22.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:02 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 42 content-type image/gif
GET H2	200	hcaptcha.html Show response newassets.hcaptcha.com/captcha/v1/23190cf/static/ Frame 00E6	2 KB 1 KB	41ms 31ms	Document text/html	104.19.218.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/23190cf/static/hcaptcha.html?_v=q6jo84syjrg Requested by Host: hcaptcha.com URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61910bd129b1a18584a3ab4e0eade67387405091a9cb084b6d5de813ea67c1f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://b.stripecdn.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * age 79093 alt-svc h3=":443"; ma=86400 cache-control max-age=1209600 cf-cache-status HIT cf-ray 8580ae860dcc65c0-FRA content-encoding br content-type text/html cross-origin-embedder-policy credentialless cross-origin-resource-policy cross-origin date Mon, 19 Feb 2024 18:48:02 GMT last-modified Thu, 15 Feb 2024 13:51:34 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding via 1.1 c908cbeaf223c80632fd467b8ff1278a.cloudfront.net (CloudFront) x-amz-cf-id PAFeJ5uD4XpFCfas4YzGA-ciOBWXzf1AZ45PEXJgwvMbyf2m7dQcHw== x-amz-cf-pop ARN1-C1 x-amz-server-side-encryption AES256 x-amz-version-id .z1aavRRqvBDOuwjXdKuJsE4u6t_YxY0 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	200	b Show response r.stripe.com/ Frame EC6C	0 274 B	208ms 207ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT x-stripe-server-envoy-start-time-us 1708368482351108 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 15 x-stripe-client-envoy-start-time-us 1708368482350869 access-control-allow-credentials true content-length 0
GET H2	200	hcaptcha.js Show response newassets.hcaptcha.com/captcha/v1/23190cf/ Frame 00E6	376 KB 106 KB	33ms 33ms	Script application/javascript	104.19.218.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/23190cf/hcaptcha.js Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/23190cf/static/hcaptcha.html?_v=q6jo84syjrg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e371afad4e5536dc457e1940102546d5f8e551e63c740bd9915d40356ac58b5b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://newassets.hcaptcha.com/captcha/v1/23190cf/static/hcaptcha.html?_v=q6jo84syjrg Origin https://newassets.hcaptcha.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding br x-content-type-options nosniff x-amz-version-id rjVS9sevkcKeW8_gGBrXjQIgJU7A_CVx age 79183 x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Thu, 15 Feb 2024 13:51:34 GMT server cloudflare etag W/"696df03892cbf3c70b8697584166587e" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 cf-ray 8580ae864e4465c0-FRA x-amz-cf-id wnP9TJ7q58AUGfyh0WS23Anos9wQXTCIstSF0lwSktgE3iDMzqx9Sg==
POST H2	200	checksiteconfig Show response api.hcaptcha.com/ Frame 00E6	719 B 893 B	68ms 51ms	XHR application/json	104.19.218.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hcaptcha.com/checksiteconfig?v=23190cf&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1 Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/23190cf/hcaptcha.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash abfdfe3517f8a136769ab79e47d493a3d45c656634b202fb5e644b0becb0dbca Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept application/json Referer https://newassets.hcaptcha.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type text/plain Response headers date Mon, 19 Feb 2024 18:48:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff content-encoding br server cloudflare vary Origin, Accept-Encoding access-control-allow-methods GET, HEAD, POST, OPTIONS content-type application/json access-control-allow-origin https://newassets.hcaptcha.com access-control-allow-credentials true cf-ray 8580ae86dee265c0-FRA access-control-allow-headers Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path alt-svc h3=":443"; ma=86400
GET H3	200	hsw.js Show response newassets.hcaptcha.com/c/0fb9fb5/ Frame 00E6	508 KB 222 KB	34ms 34ms	Script application/javascript	104.19.219.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/c/0fb9fb5/hsw.js Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/23190cf/hcaptcha.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6aeb0f05d454e29935dc8708f1dbdbe27176d849880fdbf1d30d4d5bc6c3c18 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newassets.hcaptcha.com/captcha/v1/23190cf/static/hcaptcha.html?_v=q6jo84syjrg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 437caaa82b2f94aeac2747f293235378.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding br x-content-type-options nosniff x-amz-version-id hX4Z6AbOk3MuIrAL1fopQL_PyMUYVvWN age 172339 x-amz-cf-pop VIE50-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 12 Feb 2024 22:29:35 GMT server cloudflare etag W/"380f869a8304c28e89d70dc536bdc54c" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=3024000 cf-ray 8580ae87291c36dc-FRA x-amz-cf-id kAf1wJNWftjh2stGcHLNE7OxQgDW4W9h0RlcgXCMx1LYxdsDIRLQ6A==
POST H2	200	6 Show response m.stripe.com/ Frame D657	156 B 668 B	192ms 192ms	XHR application/json	44.241.26.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.26.175 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-26-175.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b87e32468b85f1e6d39463189aea768a054db79223ecaa97e699dc2308800116 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368482637303 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 3 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1708368482637078 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
POST H2	200	6 Show response m.stripe.com/ Frame D657	156 B 668 B	242ms 239ms	XHR application/json	44.241.26.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.26.175 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-26-175.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b87e32468b85f1e6d39463189aea768a054db79223ecaa97e699dc2308800116 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1708368482686706 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1708368482686400 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	198ms 198ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:02 GMT x-stripe-server-envoy-start-time-us 1708368482808985 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1708368482808330 access-control-allow-credentials true content-length 0
POST H3	200	463b917e-e264-403f-ad34-34af0ee10294 Show response api.hcaptcha.com/getcaptcha/ Frame 00E6	3 KB 3 KB	189ms 189ms	XHR application/octet-stream	104.19.219.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294 Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/23190cf/hcaptcha.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf632ed8928ed9a9dfec0bc7937aa4c959518befc72b80dc3ec9aac99a31d0bc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept application/json, application/octet-stream Referer https://newassets.hcaptcha.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 content-type application/x-www-form-urlencoded Response headers date Mon, 19 Feb 2024 18:48:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare vary Origin, Accept-Encoding content-type application/octet-stream access-control-allow-origin https://newassets.hcaptcha.com access-control-allow-credentials true cf-ray 8580ae891b4036dc-FRA alt-svc h3=":443"; ma=86400 content-length 3144
GET H/1.1	200 OK	sync x.bidswitch.net/ Redirect Chain https://d.adroll.com/cm/b/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=... https://x.bidswitch.net/sync?dsp_id=44&user_id=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk	43 B 235 B	344ms 31ms	Image image/gif	35.214.149.91 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=44&user_id=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk Protocol HTTP/1.1 Server 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS 91.149.214.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Mon, 19 Feb 2024 18:48:03 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers location https://x.bidswitch.net/sync?dsp_id=44&user_id=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk pragma no-cache date Mon, 19 Feb 2024 18:48:02 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 96 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	in d.adroll.com/cm/g/ Redirect Chain https://d.adroll.com/cm/g/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=... https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=aCDSDglg1QZuol_3A1YASQ https://d.adroll.com/cm/g/in	42 B 821 B	48ms 48ms	Image image/gif	2a05:d018:cc3:fe04:b6ab:4de7:5d27:f839 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/g/in Protocol H2 Server 2a05:d018:cc3:fe04:b6ab:4de7:5d27:f839 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:03 GMT server nginx/1.22.1 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-store, no-cache, must-revalidate content-length 42 x-result g.-1.-1.-1 Redirect headers pragma no-cache date Mon, 19 Feb 2024 18:48:02 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://d.adroll.com/cm/g/in p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 225 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Redirect Chain https://d.adroll.com/cm/index/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisa... https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&expiration=1739904482 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&expiration=1739904482&C=1	43 B 536 B	60ms 59ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&expiration=1739904482&C=1 Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:03 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTEuPxHY%2F5D3i6HImxLlVUPzP4tp9O4amK7P1iDXH4aNNbo4DoHy0%2F55kn%2BLgkBpwg%2FUeMBLlcHcsmCRSj8n6Tk1nRRetEQmEf2x3w5aqPLHr7aRJWGR4ml5Bc5oCrfl6Kyghg2IAy1Cyg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8580ae8b0f082681-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 19 Feb 2024 18:48:03 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzCpMbuqUkKJ90zYgnq2nGkgdEELBy%2F99whX22Sj951GpkfY0YZ89cmGUxnA3LR8VHrwiTnxg%2Br3pNmznp%2Bi7mf1Uk9%2BWaKxASOLwUyw6IWH3SLQknTJ3FVHqn5R%2FhfN5b6VFePFOWprgA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=105&external_user_id=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&expiration=1739904482&C=1 cache-control no-cache cf-ray 8580ae8a5d882681-TXL alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H2	200	out d.adroll.com/cm/l/	42 B 180 B	51ms 49ms	Image image/gif	2a05:d018:cc3:fe04:b6ab:4de7:5d27:f839 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/l/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=F736O2VEFJBHXO46DQ7G4W Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:cc3:fe04:b6ab:4de7:5d27:f839 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:02 GMT cache-control no-transform,public,max-age=300,s-maxage=900 server nginx/1.22.1 content-length 42 vary Cookie content-type image/gif
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Redirect Chain https://d.adroll.com/cm/n/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=... https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&expires=365	0 239 B	107ms 21ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&expires=365 Protocol HTTP/1.1 Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 7d6e3b6fefbbeb4d018118d74243a2fc P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers location https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&expires=365 pragma no-cache date Mon, 19 Feb 2024 18:48:02 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 124 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://d.adroll.com/cm/o/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=... https://us-u.openx.net/w/1.0/sd?id=537103138&val=6820d20e0960d5066ea25ff703560049&gdpr=1&gdpr_consent=	43 B 264 B	91ms 42ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537103138&val=6820d20e0960d5066ea25ff703560049&gdpr=1&gdpr_consent= Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:02 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?id=537103138&val=6820d20e0960d5066ea25ff703560049&gdpr=1&gdpr_consent= pragma no-cache date Mon, 19 Feb 2024 18:48:02 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 108 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H/1.1	200 OK	cookie-sync sync.outbrain.com/ Redirect Chain https://d.adroll.com/cm/outbrain/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advert... https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&gdpr=1&gdpr_consent=&us_privacy=1---	0 218 B	429ms 107ms	Image text/plain	70.42.32.159 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&gdpr=1&gdpr_consent=&us_privacy=1--- Protocol HTTP/1.1 Server 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Mon, 19 Feb 2024 18:48:03 GMT Cache-Control no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-TraceId c6ff6777f08d217bcd2935b6ace08476 Content-Length 0 Redirect headers location https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&gdpr=1&gdpr_consent=&us_privacy=1--- pragma no-cache date Mon, 19 Feb 2024 18:48:02 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 137 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	Pug image2.pubmatic.com/AdServer/ Redirect Chain https://d.adroll.com/cm/pubmatic/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advert... https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...	42 B 541 B	136ms 35ms	Image image/gif	185.64.191.210 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA Protocol H2 Server 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Mon, 19 Feb 2024 18:48:03 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA pragma no-cache date Mon, 19 Feb 2024 18:48:02 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 212 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	204	sync ups.analytics.yahoo.com/ups/55980/ Redirect Chain https://d.adroll.com/cm/r/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=... https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA	0 125 B	193ms 118ms	Image text/plain	3.75.62.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA Protocol H2 Server 3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-75-62-37.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.94 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:03 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.94 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA pragma no-cache date Mon, 19 Feb 2024 18:48:02 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 169 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	204	rtb-h sync.taboola.com/sg/adroll-network/1/ Redirect Chain https://d.adroll.com/cm/taboola/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&adverti... https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk	0 90 B	137ms 29ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk Protocol H2 Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:03 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 26862 Redirect headers location https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk pragma no-cache date Mon, 19 Feb 2024 18:48:02 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 111 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	xuid eb2.3lift.com/ Redirect Chain https://d.adroll.com/cm/triplelift/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&adve... https://eb2.3lift.com/xuid?mid=4714&xuid=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&dongle=c85e	37 B 140 B	86ms 24ms	Image image/gif	13.248.245.213 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=4714&xuid=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&dongle=c85e Protocol H2 Server 13.248.245.213 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:48:02 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif Redirect headers location https://eb2.3lift.com/xuid?mid=4714&xuid=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk&dongle=c85e pragma no-cache date Mon, 19 Feb 2024 18:48:02 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 102 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	bounce ib.adnxs.com/ Redirect Chain https://d.adroll.com/cm/x/out?adroll_fpc=8609bc9b5b5cf9e38e45e0ca0a5e204d-1708368482145&pv=34910696202.62577&arrfrr=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&advertisable=... https://ib.adnxs.com/setuid?entity=172&code=NjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk	43 B 1 KB	98ms 97ms	Image image/gif	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk Protocol H2 Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:03 GMT an-x-request-uuid 6a1361a0-62b1-48f7-89eb-c934757ae434 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 217.114.218.22; 217.114.218.22; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 19 Feb 2024 18:48:03 GMT an-x-request-uuid 6d32abb4-93b8-4c93-9b95-43fb7b412430 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjgyMGQyMGUwOTYwZDUwNjZlYTI1ZmY3MDM1NjAwNDk cache-control no-store, no-cache, private x-proxy-origin 217.114.218.22; 217.114.218.22; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	b Show response r.stripe.com/ Frame 5701	0 273 B	197ms 197ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-b79bc922ecf9d10dcf378fe9121cae3f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Mon, 19 Feb 2024 18:48:04 GMT x-stripe-server-envoy-start-time-us 1708368484017853 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1708368484017577 access-control-allow-credentials true content-length 0
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	28ms 28ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-GPPKM9MZX6&gtm=45je42e0v889111927z877820236za200&_p=1708368480462&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=782248928.1708368481&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&ci=1&sid=1708368480&sct=1&seg=0&dl=https%3A%2F%2Fsoutenir.vaincrelamuco.org%2Fdon%2F~mon-don%3F_cv%3D1&dt=Soutenez%20Vaincre%20la%20Mucoviscidose&en=generic&ep.campaign_origin=INT-1&ep.donator_id=&ep.campaign_type=donation&ep.form_id=1&_et=1&tfd=7167 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GPPKM9MZX6&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers pragma no-cache date Mon, 19 Feb 2024 18:48:05 GMT server Golfe2 content-type text/plain access-control-allow-origin https://soutenir.vaincrelamuco.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response js.stripe.com/v3/fingerprinted/js/	176 B 678 B	28ms 28ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://soutenir.vaincrelamuco.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 18:19:43 GMT via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31556926; includeSubDomains; preload age 1707 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront content-length 176 last-modified Fri, 16 Feb 2024 21:04:47 GMT server Cloudfront etag "96f5b26d366f47393b3ff36fe7471474" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-amz-cf-id EQ44wa8U0xPkVxK3WvqOzNnALjg_E4xE_xwDSvguMH71gqeVewv5nA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

q.stripe.com

URL

https://q.stripe.com/csp-report

Domain

q.stripe.com

URL

https://q.stripe.com/csp-report

Domain

q.stripe.com

URL

https://q.stripe.com/csp-report

Domain

q.stripe.com

URL

https://q.stripe.com/csp-report

Domain

q.stripe.com

URL

https://q.stripe.com/csp-report

Domain

q.stripe.com

URL

https://q.stripe.com/csp-report

Domain

r.stripe.com

URL

https://r.stripe.com/b

Domain

js.stripe.com

URL

https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html

Domain

js.stripe.com

URL

https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html

Domain

js.stripe.com

URL

https://js.stripe.com/v3/elements-inner-card-c935e4865ee77cbad99943e1a92b43e6.html