urlscan.io logo urlscan.io
SecurityTrails logo

caringcent.org Open in urlscan Pro
18.66.122.119  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://7axux.r.ah.d.sendibm4.com/mk/cl/f/nVivPFwetqWe6h8RTfHzCcR1JkiDZSzEhXqb54j2cPXxLvRa_SJeiIcTlWRbgfpUVMhdkoI2Kv3eipvHnnTApDQ2...
Effective URL: https://caringcent.org/msu/footballrally
Submission: On October 25 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 9 domains to perform 67 HTTP transactions. The main IP is 18.66.122.119, located in United States and belongs to AMAZON-02, US. The main domain is caringcent.org.
TLS certificate: Issued by Amazon on August 24th 2021. Valid for: a year.
This is the only time caringcent.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.107.232.127 200484 (SENDINBLU...)
4 18.66.122.119 16509 (AMAZON-02)
2 13.32.22.96 16509 (AMAZON-02)
2 35.156.167.229 16509 (AMAZON-02)
4 172.217.16.132 15169 (GOOGLE)
9 52.216.98.77 16509 (AMAZON-02)
6 142.250.186.35 15169 (GOOGLE)
14 18.158.107.139 16509 (AMAZON-02)
5 18.66.97.5 16509 (AMAZON-02)
3 104.89.6.113 16625 (AKAMAI-AS)
7 151.101.129.21 54113 (FASTLY)
1 52.222.236.39 16509 (AMAZON-02)
1 52.222.214.85 16509 (AMAZON-02)
1 151.101.129.35 54113 (FASTLY)
6 151.101.193.35 54113 (FASTLY)
1 2 64.4.245.84 17012 (PAYPAL)
1 142.250.186.99 15169 (GOOGLE)
67 17
1    185.107.232.127 (France)

ASN200484 (SENDINBLUE-ASN, FR)
7axux.r.ah.d.sendibm4.com
4    18.66.122.119 (United States)

ASN16509 (AMAZON-02, US)
caringcent.org
2    13.32.22.96 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-96.fra56.r.cloudfront.net
ut3ipqogf8.execute-api.us-east-1.amazonaws.com
2    35.156.167.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-167-229.eu-central-1.compute.amazonaws.com
payments.braintree-api.com
4    172.217.16.132 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f132.1e100.net
www.google.com
9    52.216.98.77 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
6    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.gstatic.com
14    18.158.107.139 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
client-analytics.braintreegateway.com
5    18.66.97.5 (United States)

ASN16509 (AMAZON-02, US)
assets.braintreegateway.com
3    104.89.6.113 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-6-113.deploy.static.akamaitechnologies.com
www.paypalobjects.com
7    151.101.129.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    52.222.236.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-39.fra56.r.cloudfront.net
js.braintreegateway.com
1    52.222.214.85 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-85.fra56.r.cloudfront.net
checkout.paypal.com
1    151.101.129.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
6    151.101.193.35 (United States)

ASN54113 (FASTLY, US)
c.paypal.com
c6.paypal.com
2    64.4.245.84 (United States)

ASN17012 (PAYPAL, US)
b.stats.paypal.com
dub.stats.paypal.com
1    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
Domain Requested by
14 client-analytics.braintreegateway.com caringcent.org
assets.braintreegateway.com
9 s3.amazonaws.com
7 www.paypal.com www.paypalobjects.com
6 www.gstatic.com www.google.com
www.gstatic.com
5 c.paypal.com js.braintreegateway.com
c.paypal.com
5 assets.braintreegateway.com caringcent.org
4 www.google.com caringcent.org
www.google.com
www.gstatic.com
4 caringcent.org caringcent.org
3 www.paypalobjects.com caringcent.org
www.paypal.com
2 payments.braintree-api.com caringcent.org
2 ut3ipqogf8.execute-api.us-east-1.amazonaws.com caringcent.org
1 c6.paypal.com
1 fonts.gstatic.com www.google.com
1 dub.stats.paypal.com
1 b.stats.paypal.com 1 redirects
1 t.paypal.com
1 checkout.paypal.com caringcent.org
1 js.braintreegateway.com caringcent.org
1 7axux.r.ah.d.sendibm4.com 1 redirects
67 19

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
*.caringcent.org
Amazon		 2021-08-24 -
2022-09-22		 a year crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon		 2021-04-09 -
2022-05-08		 a year crt.sh
payments.braintree-api.com
DigiCert SHA2 Extended Validation Server CA		 2020-12-14 -
2022-01-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
client-analytics.braintreegateway.com
DigiCert SHA2 High Assurance Server CA		 2020-05-01 -
2022-05-06		 2 years crt.sh
checkout.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-07-07 -
2022-08-07		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-09-28 -
2022-01-11		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-09-21 -
2022-10-22		 a year crt.sh
c.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2020-06-24 -
2022-06-29		 2 years crt.sh
b.stats.paypal.com
DigiCert SHA2 High Assurance Server CA		 2020-03-13 -
2022-06-03		 2 years crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://caringcent.org/msu/footballrally
Frame ID: 8B4BFC02DD29A6FF703AD9CA7D22EE3F
Requests: 30 HTTP requests in this frame

Frame: https://checkout.paypal.com/web/3.80.0/html/dispatch-frame.min.html
Frame ID: 261373A9F938866B209A3E76BC9D7F79
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/button?env=production&style.label=checkout&funding.disallowed=venmo%2Citau%2Ccard%2Cideal%2Celv%2Cbancontact%2Cgiropay%2Csofort%2Ceps%2Cmybank%2Cp24%2Czimpler%2Cblik%2Cmaxima%2Cboleto%2Coxxo%2Cmercadopago%2Ccredit&domain=caringcent.org&sessionID=uid_0937026936_mtg6mti6mzi&buttonSessionID=uid_323692c192_mtg6mti6mzi&renderedButtons=paypal&storageID=uid_f1cc330092_mtg6mti6mzi&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=fcf7fa5658&version=min&xcomponent=1
Frame ID: DBE0F8A1C549D43DE20065BFF1D3DA77
Requests: 8 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6EF84C64D8987FE0FFB7DABE09FFE0D5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKOL8ZAAAAAAfjhgBvIHBK0WOV-jxeADgwAIEL&co=aHR0cHM6Ly9jYXJpbmdjZW50Lm9yZzo0NDM.&hl=de&type=image&v=YhkYx1k-yvvb8OonJPmOpoJY&theme=light&size=normal&badge=bottomright&cb=un91pal3jk7w
Frame ID: 7F4FBFE2A4E0CD60C352D7D464C58727
Requests: 8 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.80.0/html/hosted-fields-frame.min.html
Frame ID: 9EBD1C2B655B96552611FCDBB80AEA30
Requests: 2 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.80.0/html/hosted-fields-frame.min.html
Frame ID: ABB0E024A53C6DA864FE2B2CABE37C69
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.80.0/html/hosted-fields-frame.min.html
Frame ID: 0442DD9CEDC44C1299EA4F57A4AE232F
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.80.0/html/hosted-fields-frame.min.html
Frame ID: 1EA731E5D713A1C7A382A515142A51E1
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 62F00995F18AB2B0FDBD209297C1C03C
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=f643db238fcbc5aa3bbea873bb9786d1&t=1635185552.631&a=14
Frame ID: C2319B060FCA52A913E270A2860AEAE1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=YhkYx1k-yvvb8OonJPmOpoJY&k=6LfKOL8ZAAAAAAfjhgBvIHBK0WOV-jxeADgwAIEL
Frame ID: 80A1D316438CCB7FBAF9150C83D5310A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Michigan State University | East Lansing, MI, U.S. | Official Athletics WebsiteVisaMasterCardUnion PayAmerican ExpressJCBDiscoverDiners ClubMaestroPayPal LogoPayPal Credit LogoGeneric CardCVV BackCVV FrontCheckXLock LoaderApple Pay LogoGoogle Pay MarkVenmo

Page URL History Show full URLs

  1. https://7axux.r.ah.d.sendibm4.com/mk/cl/f/nVivPFwetqWe6h8RTfHzCcR1JkiDZSzEhXqb54j2cPXxLvRa_SJeiIcTlWRbgfpUVMhd... HTTP 302
    https://caringcent.org/msu/footballrally Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.braintreegateway\.com
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

67
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

19
Subdomains

17
IPs

4
Countries

3363 kB
Transfer

7990 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://7axux.r.ah.d.sendibm4.com/mk/cl/f/nVivPFwetqWe6h8RTfHzCcR1JkiDZSzEhXqb54j2cPXxLvRa_SJeiIcTlWRbgfpUVMhdkoI2Kv3eipvHnnTApDQ2sSAxXHruSkhH9PVyy-zsis5og2QJL9qNMgKLpt_03annB2fM_gfU_LTDB9sPluxF6kKc8qJ2FCXVi7rqZuuOeg1L9Gw-kA6NjYtfM-eiwPQ6SAX0Ly_mz8R-HmM-XGDWYJL- HTTP 302
    https://caringcent.org/msu/footballrally Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=f643db238fcbc5aa3bbea873bb9786d1&t=1635185552.631&a=14 HTTP 302
  • https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=f643db238fcbc5aa3bbea873bb9786d1&t=1635185552.631&a=14

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request footballrally
caringcent.org/msu/
Redirect Chain
  • https://7axux.r.ah.d.sendibm4.com/mk/cl/f/nVivPFwetqWe6h8RTfHzCcR1JkiDZSzEhXqb54j2cPXxLvRa_SJeiIcTlWRbgfpUVMhdkoI2Kv3eipvHnnTApDQ2sSAxXHruSkhH9PVyy-zsis5og2QJL9qNMgKLpt_03annB2fM_gfU_LTDB9sPluxF6kK...
  • https://caringcent.org/msu/footballrally
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://caringcent.org/msu/footballrally
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79aa8e04fa5ced4280144eb3233e6fb62a92295a73bc6d49f05ab0c5e482d35c

Request headers

:method
GET
:authority
caringcent.org
:scheme
https
:path
/msu/footballrally
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
date
Mon, 25 Oct 2021 18:12:31 GMT
last-modified
Fri, 15 Oct 2021 19:41:19 GMT
x-amz-server-side-encryption
AES256
server
AmazonS3
content-encoding
gzip
etag
W/"6ee8c82bb2748c5d3e102c3f9dee0816"
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
LvfGjVtum0Q_DrNofAP687jGZH4UOHKmkg8Qj1xdzxUQ9e3kjbgiag==

Redirect headers

content-type
text/html; charset=utf-8
date
Mon, 25 Oct 2021 18:12:29 GMT
location
https://caringcent.org/msu/footballrally
x-content-type-options
nosniff
x-sib-server
red2.dc2.51b.tech
x-xss-protection
1
content-length
63
main.76522685.chunk.css
caringcent.org/static/css/ 		2 KB
889 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://caringcent.org/static/css/main.76522685.chunk.css
Requested by
Host: caringcent.org
URL: https://caringcent.org/msu/footballrally
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0dbc5ef3b314b47fb67772f04b1a75d321b04332497e07bce5a78ed0e7e2a47

Request headers

:path
/static/css/main.76522685.chunk.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
caringcent.org
referer
https://caringcent.org/msu/footballrally
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/msu/footballrally
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:12:31 GMT
content-encoding
gzip
etag
W/"5d0e147a4b09e0c72cc1445f34875c3a"
last-modified
Fri, 15 Oct 2021 19:41:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront)
x-amz-cf-id
YaMP6BPXByRv4W0P3bTVCBQgoBps12fu-IiTxCi3wZpC1-x1d0nL3A==
4.65c07ae7.chunk.js
caringcent.org/static/js/ 		2 MB
514 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://caringcent.org/static/js/4.65c07ae7.chunk.js
Requested by
Host: caringcent.org
URL: https://caringcent.org/msu/footballrally
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e427b445520894718a4a2bdcc105b8de7d2c419e17a228cceea7956bf809db9

Request headers

:path
/static/js/4.65c07ae7.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
caringcent.org
referer
https://caringcent.org/msu/footballrally
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/msu/footballrally
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:12:31 GMT
content-encoding
gzip
etag
W/"3a3a769753b9b6a69407e59edcd69b95"
last-modified
Fri, 15 Oct 2021 19:41:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront)
x-amz-cf-id
_d5VnTFIL8RL_9I8AqMTwJxJ9L-6bv9oN5eJFAwWgQreKbpv4uBNBw==
main.c6644085.chunk.js
caringcent.org/static/js/ 		213 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://caringcent.org/static/js/main.c6644085.chunk.js
Requested by
Host: caringcent.org
URL: https://caringcent.org/msu/footballrally
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f4bf5e829a25e9a4a03df589434f1cdf2fe255ae23e7fe99a3e79a88e20175c

Request headers

:path
/static/js/main.c6644085.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
caringcent.org
referer
https://caringcent.org/msu/footballrally
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/msu/footballrally
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:12:31 GMT
content-encoding
gzip
etag
W/"4503ab1ee907be1205b5449aa6b0d8c0"
last-modified
Fri, 15 Oct 2021 19:41:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront)
x-amz-cf-id
b4WewCLi1mZUJ3fMr9DY__Zi4nfLogGbhvcyVdKKbEU8d-tiTnwhiw==
event
ut3ipqogf8.execute-api.us-east-1.amazonaws.com/production/ 		20 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut3ipqogf8.execute-api.us-east-1.amazonaws.com/production/event
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-96.fra56.r.cloudfront.net
Software
/
Resource Hash
b238b72ad6da10943bacafe6749e6ffb315c7938ba10e9938b8551af02555507

Request headers

Accept
application/json, text/plain, */*
Referer
https://caringcent.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 25 Oct 2021 18:12:31 GMT
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amzn-requestid
9a18c332-5fa6-4599-ba73-71720b0ee12d
access-control-allow-methods
OPTIONS,POST,GET
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6176f38f-44c58d3f064636cb08596e12;Sampled=0
x-cache
Miss from cloudfront
x-amz-apigw-id
Hxr-aG8goAMF9Ng=
content-length
20786
x-amz-cf-id
PUUEE5ptQTn9IqDiXxLathCfo8wPojMp7LlRyv3h4m0tksMRY5z2Wg==
access-control-allow-headers
*
event
ut3ipqogf8.execute-api.us-east-1.amazonaws.com/production/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ut3ipqogf8.execute-api.us-east-1.amazonaws.com/production/event
Protocol
H2
Server
13.32.22.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-96.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://caringcent.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Mon, 25 Oct 2021 18:12:31 GMT
x-amzn-requestid
195f3db3-478c-4e0d-b249-a22f780a6438
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id
Hxr-YHLHIAMFiPA=
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-cache
Miss from cloudfront
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
gArrfBQ38xh1h1hDSytqZ543stClGXQ-5xTEtYFzj_BNQW_eWDRlvA==
graphql
payments.braintree-api.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://payments.braintree-api.com/graphql
Protocol
HTTP/1.1
Server
35.156.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-167-229.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,braintree-version,content-type
Origin
https://caringcent.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 25 Oct 2021 18:12:32 GMT
transfer-encoding
chunked
access-control-allow-origin
https://caringcent.org
access-control-max-age
1800
access-control-allow-methods
GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
authorization,braintree-version,content-type
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
paypal-debug-id
9baa6d54df454
graphql
payments.braintree-api.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://payments.braintree-api.com/graphql
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.156.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-167-229.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8f6d6ddb487219e76408bfd31d0c2bf006d5b7958bd4ad0ac4d5561c10d2d4bd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer
https://caringcent.org/
Accept-Language
de-DE,de;q=0.9
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2MzUyNzE5NTEsImp0aSI6ImU4OGNmYmNlLWM3MTQtNDE3YS04M2RiLTcxOGQxYzA1YzRhYSIsInN1YiI6InQ4NHlyY2YzeDg1Y2hodHYiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6InQ4NHlyY2YzeDg1Y2hodHYiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0Ijp0cnVlfSwicmlnaHRzIjpbIm1hbmFnZV92YXVsdCJdLCJzY29wZSI6WyJCcmFpbnRyZWU6VmF1bHQiXSwib3B0aW9ucyI6e319.PmJsRCFBVZlIBLPNTzzRv9FuV9OOXo17c6P7TCgqi1dBcK-fv-80l2d9P8ohZD464MgKtjql__N7HHwZCWI1gg
Braintree-Version
2018-05-10
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 18:12:32 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
server
nginx
X-Frame-Options
DENY
vary
Braintree-Version, Accept-Encoding
Content-Type
application/json
access-control-allow-origin
https://caringcent.org
Cache-Control
no-cache, no-store
braintree-version
2016-10-07
paypal-debug-id
77ffb87cf2b64
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Length
1276
api.js
www.google.com/recaptcha/ 		909 B
962 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
GSE /
Resource Hash
9d28b22786d352a6aab7748d85909448701ef57719711bc2cf8baf7b553a47e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
578
x-xss-protection
1; mode=block
expires
Mon, 25 Oct 2021 18:12:32 GMT
Top%20Header.png
s3.amazonaws.com/donate.resources/msu/FootballRally/ 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/donate.resources/msu/FootballRally/Top%20Header.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.98.77 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
073518fe83434375ce16426db4c5bb493ef07677a6c9a634e43907cf028a6e6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 25 Oct 2021 18:12:33 GMT
Last-Modified
Mon, 23 Aug 2021 22:43:41 GMT
Server
AmazonS3
x-amz-request-id
TQP03S2Z9YWQ57FF
ETag
"78a0daf1ce32d398780ccacd6f0215f2"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
134505
x-amz-id-2
Sm2CL8fh6Nbp064i5WDeXPlx/g4DwqsYWZfBv89D3REL4kHxr7t2fx7232Hex6wtVi3Mwm27ugU=
football%202021%20rallygive-mgame.jpg
s3.amazonaws.com/donate.resources/msu/footballrally2021/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/donate.resources/msu/footballrally2021/football%202021%20rallygive-mgame.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.98.77 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2e571e0139f216f7da95d65093c54cfe5137027a1eff577bb11d92fb347bc007

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 25 Oct 2021 18:12:33 GMT
Last-Modified
Thu, 21 Oct 2021 04:11:29 GMT
Server
AmazonS3
x-amz-request-id
TQPE7E9CGHQCVFPW
ETag
"bd5d8e4c6d81b0c17321d75f2cdf8e71"
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
1407331
x-amz-id-2
EaylAKXvxJ+W50kkObnseghX8cGgmuMZwIUgZ20uzh/8mY+MDeU0fr3s/c1k+WJyNO3EVZmZC2g=
paulbunyan-made%20greeen%20(1).png
s3.amazonaws.com/donate.resources/msu/footballrally2021/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/donate.resources/msu/footballrally2021/paulbunyan-made%20greeen%20(1).png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.98.77 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b1eb125f0f1647a2c8d93c2319159de7e4123b95bb875aadad5690dc03ac15d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 25 Oct 2021 18:12:33 GMT
Last-Modified
Thu, 21 Oct 2021 03:13:25 GMT
Server
AmazonS3
x-amz-request-id
TQP89PAM68Z12GET
ETag
"03a346f882b851a6f53074adf8d1ae99"
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
17130
x-amz-id-2
pZwFDtFNjk4q/AguF4f3rI6Wq6nRpEn4HarNC2Ww+SgsUrkZYR9FO1YpLL8Op5rfQze/yWuHc0s=
helmet%20over%20block%20m-msugreen.png
s3.amazonaws.com/donate.resources/msu/footballrally2021/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/donate.resources/msu/footballrally2021/helmet%20over%20block%20m-msugreen.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.98.77 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0e92bf0cbcdde5ea9f90de722d67dd590db9aeb66d9ed9f23348eeaedc635187

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 25 Oct 2021 18:12:33 GMT
Last-Modified
Thu, 21 Oct 2021 03:42:12 GMT
Server
AmazonS3
x-amz-request-id
TQP6FTQ502YMJJFZ
ETag
"9f6e39be24c805206404ca11f731ca77"
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
5393
x-amz-id-2
KLpgBjcMsRRXDbZfaNNGuJkLzRUYJZ/ZanQyFLplWFL3tBSPl2KfgquNd951AeExiH4w5o2b6no=
fb_win_icon.png
s3.amazonaws.com/donate.resources/msu/footballrally2021/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/donate.resources/msu/footballrally2021/fb_win_icon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.98.77 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
15e1c4fc886c0b24d00ef87145399b1f666867a465ec21db08134a71c1762284

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 25 Oct 2021 18:12:33 GMT
Last-Modified
Thu, 21 Oct 2021 03:42:48 GMT
Server
AmazonS3
x-amz-request-id
TQP8ZTCATJD09HN3
ETag
"35e1123e372430536dface8d7da320d8"
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
13577
x-amz-id-2
kJyA4j0HetS5rM4uQr3U3qYr2c5qkwoLhzhnpjlvbWUkIl/zv+JPW4GWyuYvhRYNQMssjYwq/gg=
10th_b1g_icon.png
s3.amazonaws.com/donate.resources/msu/footballrally2021/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/donate.resources/msu/footballrally2021/10th_b1g_icon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.98.77 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d5e9aec2f9d45a12e171039196a9a504360bd1d58edcf3c0f95ecd94e7cc87a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 25 Oct 2021 18:12:33 GMT
Last-Modified
Thu, 21 Oct 2021 03:45:54 GMT
Server
AmazonS3
x-amz-request-id
TQP7XA0M3N41FSWE
ETag
"29106560de6706b41c68c442dab763f6"
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
35318
x-amz-id-2
2oh2myhARSBFz0oMk4xHSUxdhs84iPEnevcC8lAFIl9O5tvEbnGn7AKfdxuXNCT2GJxCDFGDNMg=
touchdown_icon.png
s3.amazonaws.com/donate.resources/msu/footballrally2021/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/donate.resources/msu/footballrally2021/touchdown_icon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.98.77 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d09a017932426eee86a6c0671314cd7fc9d709c767d9ecd3fd868528c3f57edf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 25 Oct 2021 18:12:33 GMT
Last-Modified
Thu, 21 Oct 2021 03:47:46 GMT
Server
AmazonS3
x-amz-request-id
TQP2PRQBKSMVQ6XM
ETag
"b6d9f34dc9a3cc891dff822101c4fe9b"
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
9008
x-amz-id-2
tXQkPPE3Otl5Sgj2g124LehYhiPr6uDQ4rz1EcpL5saNe26G1Q98GqCDiY1nihDifbvh/avaJbs=
helmet.png
s3.amazonaws.com/donate.resources/msu/FootballRally/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/donate.resources/msu/FootballRally/helmet.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.98.77 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2b3efd184daf6929faa4d1dc38474a31000a78307fa33d701b650e121c7a2e2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 25 Oct 2021 18:12:33 GMT
Last-Modified
Mon, 23 Aug 2021 22:43:37 GMT
Server
AmazonS3
x-amz-request-id
TQPB3PCJDAFXCYME
ETag
"a7e63e74ec569309b72884285f669f64"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
10350
x-amz-id-2
+ffaUFMYERuvm3eoNLEPW27I0BcRmwC/Hho3bwMcB9XbkwXWB/PHiC4OaHgFa9IjuTBMXUVaYcU=
field_goal_icon.png
s3.amazonaws.com/donate.resources/msu/footballrally2021/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/donate.resources/msu/footballrally2021/field_goal_icon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.98.77 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2102b49da0e499941b8b52d735b4c33b3ee5fe00c67694f52121a97df24e5347

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 25 Oct 2021 18:12:33 GMT
Last-Modified
Thu, 21 Oct 2021 03:50:02 GMT
Server
AmazonS3
x-amz-request-id
TQPABDVY96CXQD3C
ETag
"b4bc5dbc76026fd18ab3cf8749e8cc3f"
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
5795
x-amz-id-2
v8WH0fkntSyVlGY+608R/E98+mLAnIpvbHz52PWJ7Pkntpzs6kMP/ZoLmX5kLGmPApYR7pZ+1So=
recaptcha__de.js
www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/ 		346 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
dda2aba38252dcb4fde2222ecdcf5806f23fc3e9400f310f0ee1927329243c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://caringcent.org/
Origin
https://caringcent.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
138388
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 04:02:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Tue, 25 Oct 2022 18:11:40 GMT
t84yrcf3x85chhtv
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t84yrcf3x85chhtv
Protocol
HTTP/1.1
Server
18.158.107.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://caringcent.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://caringcent.org
Access-Control-Max-Age
3000
Date
Mon, 25 Oct 2021 18:12:32 GMT
Server
nginx
Content-Length
0
Connection
keep-alive
t84yrcf3x85chhtv
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t84yrcf3x85chhtv
Protocol
HTTP/1.1
Server
18.158.107.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://caringcent.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://caringcent.org
Access-Control-Max-Age
3000
Date
Mon, 25 Oct 2021 18:12:32 GMT
Server
nginx
Content-Length
0
Connection
keep-alive
t84yrcf3x85chhtv
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t84yrcf3x85chhtv
Protocol
HTTP/1.1
Server
18.158.107.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://caringcent.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://caringcent.org
Access-Control-Max-Age
3000
Date
Mon, 25 Oct 2021 18:12:32 GMT
Server
nginx
Content-Length
0
Connection
keep-alive
t84yrcf3x85chhtv
client-analytics.braintreegateway.com/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t84yrcf3x85chhtv
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.107.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://caringcent.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 25 Oct 2021 18:12:32 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://caringcent.org
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
t84yrcf3x85chhtv
client-analytics.braintreegateway.com/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t84yrcf3x85chhtv
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.107.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://caringcent.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 25 Oct 2021 18:12:32 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://caringcent.org
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
t84yrcf3x85chhtv
client-analytics.braintreegateway.com/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t84yrcf3x85chhtv
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.107.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://caringcent.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 25 Oct 2021 18:12:32 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://caringcent.org
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
dropin.css
assets.braintreegateway.com/web/dropin/1.31.2/css/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/dropin/1.31.2/css/dropin.css
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e90d38eb6822267f218115bbe5d2f6ed39b4c5ba67360c94e00d60ab2d3e84c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 14:18:38 GMT
server
nginx
age
13466
etag
W/"615718be-67ab"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 25 Oct 2021 14:28:06 GMT
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
nEDdQLpJ47hvKAfdGA_7ozIRkQ8ilZ31NBfYtXSMs4dUro1694ts7A==
expires
Tue, 26 Oct 2021 14:28:06 GMT
checkout.min.js
www.paypalobjects.com/api/ 		863 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.min.js
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.6.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-6-113.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f6f4e32543dfc841f0e51035bdec271e967c647943ebc0f03810faa4dc3caacb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
6c6c43d0d247f
dc
phx-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
192695
last-modified
Thu, 12 Aug 2021 19:29:50 GMT
etag
W/"611576ae-d7ac9"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-headers
x-csrf-token
expires
Tue, 26 Oct 2021 18:12:32 GMT
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=caringcent.org&source=checkoutjs&t=xo&v=4.0.331
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-bO+yC6pzfhljRqEnPJrCSsUF5+ZHCPy/Mpy0dOCGLe9KgC0Q' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-bO+yC6pzfhljRqEnPJrCSsUF5+ZHCPy/Mpy0dOCGLe9KgC0Q' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
76844
x-cache
HIT
paypal-debug-id
f958436a9e0fa
server-timing
content-encoding;desc=gzip
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4321
x-xss-protection
1; mode=block
x-served-by
cache-hhn4032-HHN
x-timer
S1635185552.463699,VS0,VE2
x-frame-options
SAMEORIGIN
date
Mon, 25 Oct 2021 18:12:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=3600
etag
W/"2ef4-3xgck+FFolYd+Y4aULz7wuzevMY"
accept-ranges
bytes
x-cache-hits
1
data-collector.min.js
js.braintreegateway.com/web/3.80.0/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.80.0/js/data-collector.min.js
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
f353fe0e1ffbb3bc712f3069cb28aa9295e4fa6f7db18bcb89cb47923944bec8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 15:36:57 GMT
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 14:18:39 GMT
server
nginx
age
9640
etag
W/"615718bf-7e4d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
KoC7wwTlQ_MXn6aRDeRniwEdqB4mmz4Iqgi1StLMGoMWoqJDAkcnfg==
via
1.1 94328d2509009edc0657f5c786a93e43.cloudfront.net (CloudFront)
expires
Tue, 26 Oct 2021 15:31:52 GMT
t84yrcf3x85chhtv
client-analytics.braintreegateway.com/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t84yrcf3x85chhtv
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.107.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://caringcent.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 25 Oct 2021 18:12:32 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://caringcent.org
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
dispatch-frame.min.html
checkout.paypal.com/web/3.80.0/html/ Frame 2613 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://checkout.paypal.com/web/3.80.0/html/dispatch-frame.min.html
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-85.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8cbdb024ff3cad566288e531f7663eaf9d37a903a3869937f5913280f6cfb62d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
checkout.paypal.com
:scheme
https
:path
/web/3.80.0/html/dispatch-frame.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://caringcent.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/

Response headers

content-type
text/html
server
nginx
last-modified
Fri, 01 Oct 2021 14:18:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 25 Oct 2021 06:34:58 GMT
expires
Tue, 26 Oct 2021 06:33:46 GMT
cache-control
max-age=86400
etag
W/"615718bd-261a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 54fc556adf6e8c787574c6f132d70179.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
M2WESzUSWh8FlVKepv1gK4eul-oqt6CrMjhxbLbJF3Dc1lLo1DTrHw==
age
41925
t84yrcf3x85chhtv
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t84yrcf3x85chhtv
Protocol
HTTP/1.1
Server
18.158.107.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://caringcent.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://caringcent.org
Access-Control-Max-Age
3000
Date
Mon, 25 Oct 2021 18:12:32 GMT
Server
nginx
Content-Length
0
Connection
keep-alive
t84yrcf3x85chhtv
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t84yrcf3x85chhtv
Protocol
HTTP/1.1
Server
18.158.107.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://caringcent.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://caringcent.org
Access-Control-Max-Age
3000
Date
Mon, 25 Oct 2021 18:12:32 GMT
Server
nginx
Content-Length
0
Connection
keep-alive
t84yrcf3x85chhtv
client-analytics.braintreegateway.com/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t84yrcf3x85chhtv
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.107.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://caringcent.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 25 Oct 2021 18:12:32 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://caringcent.org
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
button
www.paypal.com/smart/ Frame DBE0 		63 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/button?env=production&style.label=checkout&funding.disallowed=venmo%2Citau%2Ccard%2Cideal%2Celv%2Cbancontact%2Cgiropay%2Csofort%2Ceps%2Cmybank%2Cp24%2Czimpler%2Cblik%2Cmaxima%2Cboleto%2Coxxo%2Cmercadopago%2Ccredit&domain=caringcent.org&sessionID=uid_0937026936_mtg6mti6mzi&buttonSessionID=uid_323692c192_mtg6mti6mzi&renderedButtons=paypal&storageID=uid_f1cc330092_mtg6mti6mzi&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=fcf7fa5658&version=min&xcomponent=1
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9bf52e7200d3589eded06eb3f59eb3736b15f5e4cfea740072823c2d51aad7ea
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/smart/button?env=production&style.label=checkout&funding.disallowed=venmo%2Citau%2Ccard%2Cideal%2Celv%2Cbancontact%2Cgiropay%2Csofort%2Ceps%2Cmybank%2Cp24%2Czimpler%2Cblik%2Cmaxima%2Cboleto%2Coxxo%2Cmercadopago%2Ccredit&domain=caringcent.org&sessionID=uid_0937026936_mtg6mti6mzi&buttonSessionID=uid_323692c192_mtg6mti6mzi&renderedButtons=paypal&storageID=uid_f1cc330092_mtg6mti6mzi&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=fcf7fa5658&version=min&xcomponent=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://caringcent.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
p3p
true
paypal-debug-id
f335044ac1799
set-cookie
LANG=en_US%3BDE; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 26 Oct 2021 02:58:28 GMT; HttpOnly; Secure; SameSite=None tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 28 Oct 2021 18:12:32 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Mon, 25 Oct 2021 18:42:32 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1729879952%26vteXpYrS%3D1635187352%26vr%3Db8a76cfb17c0a7a0998115a2fe575723%26vt%3Db8a76cfb17c0a7a0998115a2fe575722%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 24 Oct 2024 18:12:32 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3Db8a76cfb17c0a7a0998115a2fe575723%26vt%3Db8a76cfb17c0a7a0998115a2fe575722; Path=/; Domain=paypal.com; Expires=Thu, 24 Oct 2024 18:12:32 GMT; Secure; SameSite=None x-cdn=0003; Domain=paypal.com; Path=/; Secure
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-xss-protection
1; mode=block
dc
ccg11-origin-www-1.paypal.com
accept-ranges
bytes
date
Mon, 25 Oct 2021 18:12:32 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn4032-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1635185553.542441,VS0,VE267
vary
Accept-Encoding
server-timing
content-encoding;desc=gzip
truncated
/ Frame 6EF8 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 6EF8 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
logger
www.paypal.com/xoplatform/logger/api/ 		804 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8221f7477125dc315a648d38d5ca4e10d4c7bf544ce868c48a90944b5593a6c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-app-name
checkoutjs
Referer
https://caringcent.org/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 25 Oct 2021 18:12:32 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
paypal-debug-id
f33504448a5dc
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4052-HHN
x-timer
S1635185553.749127,VS0,VE184
etag
W/"324-PwEMwEnTWpOEGf8eeAyzQWXG9oE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://caringcent.org
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-app-name,x-requested-with
Origin
https://caringcent.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-app-name,x-requested-with
access-control-allow-methods
POST
access-control-allow-origin
https://caringcent.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
f335044700788
x-content-type-options
nosniff
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
date
Mon, 25 Oct 2021 18:12:32 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-hhn4052-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1635185553.569824,VS0,VE163
content-encoding
br
vary
accept-encoding
anchor
www.google.com/recaptcha/api2/ Frame 7F4F 		40 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKOL8ZAAAAAAfjhgBvIHBK0WOV-jxeADgwAIEL&co=aHR0cHM6Ly9jYXJpbmdjZW50Lm9yZzo0NDM.&hl=de&type=image&v=YhkYx1k-yvvb8OonJPmOpoJY&theme=light&size=normal&badge=bottomright&cb=un91pal3jk7w
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
GSE /
Resource Hash
0756ff7fba8655e748b94b9f4a306f3e43ba3b6adfbfd884b1df9e2e83275aab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lnDT+e6i+dhAJMUqZzvHxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfKOL8ZAAAAAAfjhgBvIHBK0WOV-jxeADgwAIEL&co=aHR0cHM6Ly9jYXJpbmdjZW50Lm9yZzo0NDM.&hl=de&type=image&v=YhkYx1k-yvvb8OonJPmOpoJY&theme=light&size=normal&badge=bottomright&cb=un91pal3jk7w
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://caringcent.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 25 Oct 2021 18:12:32 GMT
content-security-policy
script-src 'report-sample' 'nonce-lnDT+e6i+dhAJMUqZzvHxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
21146
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.80.0/html/ Frame 9EBD 		126 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/3.80.0/html/hosted-fields-frame.min.html
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ad5e54e9641d4331adca79d979ff1e10a2950b084e08d93b49446f9781cca9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
assets.braintreegateway.com
:scheme
https
:path
/web/3.80.0/html/hosted-fields-frame.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://caringcent.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/

Response headers

content-type
text/html
server
nginx
last-modified
Fri, 01 Oct 2021 14:18:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 25 Oct 2021 00:47:09 GMT
expires
Tue, 26 Oct 2021 00:46:14 GMT
cache-control
max-age=86400
etag
W/"615718bd-1f768"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
5LqyQCos-3qMh_pXiKtHUknYo67Q1bpNEIJfika4sYoIJqqT4mxn0w==
age
62778
hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.80.0/html/ Frame ABB0 		126 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/3.80.0/html/hosted-fields-frame.min.html
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ad5e54e9641d4331adca79d979ff1e10a2950b084e08d93b49446f9781cca9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
assets.braintreegateway.com
:scheme
https
:path
/web/3.80.0/html/hosted-fields-frame.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://caringcent.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/

Response headers

content-type
text/html
server
nginx
last-modified
Fri, 01 Oct 2021 14:18:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 25 Oct 2021 00:47:09 GMT
expires
Tue, 26 Oct 2021 00:46:14 GMT
cache-control
max-age=86400
etag
W/"615718bd-1f768"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
FDgBp3auMPSwLtDH20o0YyR8rPaaUxHSN1Nucvx68t34_rL9ulO1JA==
age
62778
hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.80.0/html/ Frame 0442 		126 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/3.80.0/html/hosted-fields-frame.min.html
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ad5e54e9641d4331adca79d979ff1e10a2950b084e08d93b49446f9781cca9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
assets.braintreegateway.com
:scheme
https
:path
/web/3.80.0/html/hosted-fields-frame.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://caringcent.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/

Response headers

content-type
text/html
server
nginx
last-modified
Fri, 01 Oct 2021 14:18:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 25 Oct 2021 00:47:09 GMT
expires
Tue, 26 Oct 2021 00:46:14 GMT
cache-control
max-age=86400
etag
W/"615718bd-1f768"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
QslHWngEn6xiOQguC7ISApRbY2kLa0k7rHOk9wRoZSm-YnpAYtTRZg==
age
62778
hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.80.0/html/ Frame 1EA7 		126 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/3.80.0/html/hosted-fields-frame.min.html
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ad5e54e9641d4331adca79d979ff1e10a2950b084e08d93b49446f9781cca9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
assets.braintreegateway.com
:scheme
https
:path
/web/3.80.0/html/hosted-fields-frame.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://caringcent.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/

Response headers

content-type
text/html
server
nginx
last-modified
Fri, 01 Oct 2021 14:18:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 25 Oct 2021 00:47:09 GMT
expires
Tue, 26 Oct 2021 00:46:14 GMT
cache-control
max-age=86400
etag
W/"615718bd-1f768"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
m_zz_Mj-YRtenJGQXruYdR7NbvW2gLJLSzUT7cW9bY_p0AYjVl-ZJw==
age
62778
ts
t.paypal.com/ 		42 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Michigan%20State%20University%20%7C%20East%20Lansing%2C%20MI%2C%20U.S.%20%7C%20Official%20Athletics%20Website&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1635185552583&g=0&completeurl=https%3A%2F%2Fcaringcent.org%2Fmsu%2Ffootballrally&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Oct 2021 18:12:32 GMT
via
1.1 varnish
x-timer
S1635185553.620282,VS0,VE164
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
5440511324d18
expires
Mon, 25 Oct 2021 18:12:32 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-cache-hits
0
accept-ranges
bytes
content-type
image/gif
content-length
42
x-served-by
cache-hhn4052-HHN
fb.js
c.paypal.com/da/r/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.80.0/js/data-collector.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
10f6bf9c82f198a1867ad8f207e6fd37f67c9cd2adf0fa44368cbb2c271c9a81
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31557600
content-encoding
gzip
x-content-type-options
nosniff
age
3514
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, MISS, HIT
paypal-debug-id
25003d815667c
x-cache-hits
4, 0, 4768
server-timing
content-encoding;desc=gzip
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19145
etag
W/"615c8489-da93"
x-served-by
cache-sjc10047-SJC, cache-hhn4039-HHN, cache-hhn4041-HHN
last-modified
Tue, 05 Oct 2021 16:59:53 GMT
x-timer
S1635185553.687485,VS0,VE1
date
Mon, 25 Oct 2021 18:12:32 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
expires
Tue, 26 Oct 2021 18:12:32 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/ Frame 7F4F 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKOL8ZAAAAAAfjhgBvIHBK0WOV-jxeADgwAIEL&co=aHR0cHM6Ly9jYXJpbmdjZW50Lm9yZzo0NDM.&hl=de&type=image&v=YhkYx1k-yvvb8OonJPmOpoJY&theme=light&size=normal&badge=bottomright&cb=un91pal3jk7w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
295426f89c923624640e8f1bb52e3438a7b43fb7efa84c1dc6bbbd41971c0f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 15:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25743
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 04:02:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Tue, 25 Oct 2022 15:06:20 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/ Frame 7F4F 		346 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKOL8ZAAAAAAfjhgBvIHBK0WOV-jxeADgwAIEL&co=aHR0cHM6Ly9jYXJpbmdjZW50Lm9yZzo0NDM.&hl=de&type=image&v=YhkYx1k-yvvb8OonJPmOpoJY&theme=light&size=normal&badge=bottomright&cb=un91pal3jk7w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
dda2aba38252dcb4fde2222ecdcf5806f23fc3e9400f310f0ee1927329243c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
138388
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 04:02:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Tue, 25 Oct 2022 18:11:40 GMT
t84yrcf3x85chhtv
client-analytics.braintreegateway.com/ Frame 9EBD 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t84yrcf3x85chhtv
Requested by
Host: assets.braintreegateway.com
URL: https://assets.braintreegateway.com/web/3.80.0/html/hosted-fields-frame.min.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.107.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://assets.braintreegateway.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 25 Oct 2021 18:12:32 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://assets.braintreegateway.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
t84yrcf3x85chhtv
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t84yrcf3x85chhtv
Protocol
HTTP/1.1
Server
18.158.107.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://assets.braintreegateway.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://assets.braintreegateway.com
Access-Control-Max-Age
3000
Date
Mon, 25 Oct 2021 18:12:32 GMT
Server
nginx
Content-Length
0
Connection
keep-alive
i
c.paypal.com/v1/r/d/ Frame 62F0 		160 B
869 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
c.paypal.com
:scheme
https
:path
/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://caringcent.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/

Response headers

correlation-id
49e9d90ada149
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
paypal-debug-id
49e9d90ada149
x-content-type-options
nosniff
x-xss-protection
1; mode=block
accept-ranges
none
date
Mon, 25 Oct 2021 18:12:32 GMT
via
1.1 varnish
x-served-by
cache-hhn4041-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1635185553.770671,VS0,VE168
vary
Accept-Encoding
set-cookie
x-cdn=0300; Domain=paypal.com; Path=/; Secure
content-encoding
br
counter2.cgi
dub.stats.paypal.com/ Frame C231
Redirect Chain
  • https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=f643db238fcbc5aa3bbea873bb9786d1&t=1635185552.631&a=14
  • https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=f643db238fcbc5aa3bbea873bb9786d1&t=1635185552.631&a=14
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=f643db238fcbc5aa3bbea873bb9786d1&t=1635185552.631&a=14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 25 Oct 2021 18:12:33 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=f643db238fcbc5aa3bbea873bb9786d1&t=1635185552.631&a=14
Date
Mon, 25 Oct 2021 18:12:33 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
truncated
/ Frame 7F4F 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7F4F 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7F4F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 11:16:19 GMT
x-content-type-options
nosniff
age
111373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sun, 31 Oct 2021 11:16:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7F4F 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKOL8ZAAAAAAfjhgBvIHBK0WOV-jxeADgwAIEL&co=aHR0cHM6Ly9jYXJpbmdjZW50Lm9yZzo0NDM.&hl=de&type=image&v=YhkYx1k-yvvb8OonJPmOpoJY&theme=light&size=normal&badge=bottomright&cb=un91pal3jk7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:41:55 GMT
x-content-type-options
nosniff
age
387038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 06:41:55 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7F4F 		102 B
133 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=YhkYx1k-yvvb8OonJPmOpoJY
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKOL8ZAAAAAAfjhgBvIHBK0WOV-jxeADgwAIEL&co=aHR0cHM6Ly9jYXJpbmdjZW50Lm9yZzo0NDM.&hl=de&type=image&v=YhkYx1k-yvvb8OonJPmOpoJY&theme=light&size=normal&badge=bottomright&cb=un91pal3jk7w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
GSE /
Resource Hash
0792da4bfcee2d42d77ce9822fd71f13efa4fb92e556add6891a95545313567a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfKOL8ZAAAAAAfjhgBvIHBK0WOV-jxeADgwAIEL&co=aHR0cHM6Ly9jYXJpbmdjZW50Lm9yZzo0NDM.&hl=de&type=image&v=YhkYx1k-yvvb8OonJPmOpoJY&theme=light&size=normal&badge=bottomright&cb=un91pal3jk7w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
111
x-xss-protection
1; mode=block
expires
Mon, 25 Oct 2021 18:12:33 GMT
checkout.min.js
www.paypalobjects.com/api/ Frame DBE0 		863 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/button?env=production&style.label=checkout&funding.disallowed=venmo%2Citau%2Ccard%2Cideal%2Celv%2Cbancontact%2Cgiropay%2Csofort%2Ceps%2Cmybank%2Cp24%2Czimpler%2Cblik%2Cmaxima%2Cboleto%2Coxxo%2Cmercadopago%2Ccredit&domain=caringcent.org&sessionID=uid_0937026936_mtg6mti6mzi&buttonSessionID=uid_323692c192_mtg6mti6mzi&renderedButtons=paypal&storageID=uid_f1cc330092_mtg6mti6mzi&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=fcf7fa5658&version=min&xcomponent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.6.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-6-113.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f6f4e32543dfc841f0e51035bdec271e967c647943ebc0f03810faa4dc3caacb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
surrogate-control
max-age=31536000
paypal-debug-id
6c6c43d0d247f
dc
phx-origin-www-3.paypal.com
vary
Accept-Encoding
content-length
192695
last-modified
Thu, 12 Aug 2021 19:29:50 GMT
etag
W/"611576ae-d7ac9"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-headers
x-csrf-token
expires
Tue, 26 Oct 2021 18:12:33 GMT
button.js
www.paypalobjects.com/api/xo/ Frame DBE0 		406 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/xo/button.js?date=2021-9-25
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/button?env=production&style.label=checkout&funding.disallowed=venmo%2Citau%2Ccard%2Cideal%2Celv%2Cbancontact%2Cgiropay%2Csofort%2Ceps%2Cmybank%2Cp24%2Czimpler%2Cblik%2Cmaxima%2Cboleto%2Coxxo%2Cmercadopago%2Ccredit&domain=caringcent.org&sessionID=uid_0937026936_mtg6mti6mzi&buttonSessionID=uid_323692c192_mtg6mti6mzi&renderedButtons=paypal&storageID=uid_f1cc330092_mtg6mti6mzi&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=fcf7fa5658&version=min&xcomponent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.6.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-6-113.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8f087e61b8665a4b3943a9b542a78675a3430a3669a21b66718be0070e92044e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 Sep 2021 15:24:30 GMT
etag
W/"614c9c2e-65769"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript
paypal-debug-id
f0253d2d7fcc9
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000
dc
ccg11-origin-www-1.paypal.com
content-length
74491
expires
Tue, 26 Oct 2021 18:12:33 GMT
truncated
/ Frame DBE0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame DBE0 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
bframe
www.google.com/recaptcha/api2/ Frame 80A1 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=YhkYx1k-yvvb8OonJPmOpoJY&k=6LfKOL8ZAAAAAAfjhgBvIHBK0WOV-jxeADgwAIEL
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f132.1e100.net
Software
GSE /
Resource Hash
057f9a646ec0f275793e8aa905e717bfe89a0958c9c9ddd2ed20401821a6c730
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FKtIgepUDh2CuQboPRPjVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=de&v=YhkYx1k-yvvb8OonJPmOpoJY&k=6LfKOL8ZAAAAAAfjhgBvIHBK0WOV-jxeADgwAIEL
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://caringcent.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://caringcent.org/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 25 Oct 2021 18:12:33 GMT
content-security-policy
script-src 'report-sample' 'nonce-FKtIgepUDh2CuQboPRPjVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1111
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
fb.js
c.paypal.com/da/r/ Frame 62F0 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
10f6bf9c82f198a1867ad8f207e6fd37f67c9cd2adf0fa44368cbb2c271c9a81
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31557600
content-encoding
gzip
x-content-type-options
nosniff
age
3515
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, MISS, HIT
paypal-debug-id
25003d815667c
x-cache-hits
4, 0, 4769
server-timing
content-encoding;desc=gzip
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19145
etag
W/"615c8489-da93"
x-served-by
cache-sjc10047-SJC, cache-hhn4039-HHN, cache-hhn4041-HHN
last-modified
Tue, 05 Oct 2021 16:59:53 GMT
x-timer
S1635185553.164260,VS0,VE1
date
Mon, 25 Oct 2021 18:12:33 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
expires
Tue, 26 Oct 2021 18:12:33 GMT
graphql
www.paypal.com/ Frame DBE0 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/graphql?GetNativeEligibility
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2021-9-25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1f214ca8c484f2bd2cac63685b3c15f9832daff229d19209986c8c2e9de7a8b
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-QRPr4G87jwbgJOvQBzxI/2LBQCfciK2CrIoE4mqGtmS0wu3M' 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/button?env=production&style.label=checkout&funding.disallowed=venmo%2Citau%2Ccard%2Cideal%2Celv%2Cbancontact%2Cgiropay%2Csofort%2Ceps%2Cmybank%2Cp24%2Czimpler%2Cblik%2Cmaxima%2Cboleto%2Coxxo%2Cmercadopago%2Ccredit&domain=caringcent.org&sessionID=uid_0937026936_mtg6mti6mzi&buttonSessionID=uid_323692c192_mtg6mti6mzi&renderedButtons=paypal&storageID=uid_f1cc330092_mtg6mti6mzi&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=fcf7fa5658&version=min&xcomponent=1
Accept-Language
de-DE,de;q=0.9
x-app-name
smart-payment-buttons
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-QRPr4G87jwbgJOvQBzxI/2LBQCfciK2CrIoE4mqGtmS0wu3M' 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
paypal-debug-id
f3350448ffe91
date
Mon, 25 Oct 2021 18:12:33 GMT
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-hhn4032-HHN
x-timer
S1635185553.226461,VS0,VE270
x-frame-options
SAMEORIGIN
etag
W/"66c-L0JkowAtstzwkWg2f+ip6FqVHZQ"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
p1
c.paypal.com/v1/r/d/b/ Frame 62F0 		125 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de689d426bac1d3da6612a940250b99a75f4ccc61cf28e8d9e96d0e94775f9dc

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Oct 2021 18:12:33 GMT
via
1.1 varnish
correlation-id
eaa7a31dbbc93
x-served-by
cache-hhn4041-HHN
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
eaa7a31dbbc93
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-type
application/json
content-length
125
x-cache-hits
0
e
c.paypal.com/v1/r/d/b/ Frame 62F0 		15 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Oct 2021 18:12:33 GMT
via
1.1 varnish
correlation-id
d78977e02b6a6
x-served-by
cache-hhn4041-HHN
x-cache
MISS
content-type
application/json
paypal-debug-id
d78977e02b6a6
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
15
x-cache-hits
0
p3
c6.paypal.com/v1/r/d/b/ Frame 62F0 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=f643db238fcbc5aa3bbea873bb9786d1&s=BRAINTREE_SIGNIN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:12:33 GMT
via
1.1 varnish
correlation-id
cfa8136791b01
x-timer
S1635185553.282928,VS0,VE202
x-served-by
cache-hhn4041-HHN
x-cache
MISS
paypal-debug-id
cfa8136791b01
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame DBE0 		813 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1984bb55a5d183b159d88a742286d846dbab5338c594fb466a19d5abc7b8b42a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-app-name
checkoutjs
Referer
https://www.paypal.com/smart/button?env=production&style.label=checkout&funding.disallowed=venmo%2Citau%2Ccard%2Cideal%2Celv%2Cbancontact%2Cgiropay%2Csofort%2Ceps%2Cmybank%2Cp24%2Czimpler%2Cblik%2Cmaxima%2Cboleto%2Coxxo%2Cmercadopago%2Ccredit&domain=caringcent.org&sessionID=uid_0937026936_mtg6mti6mzi&buttonSessionID=uid_323692c192_mtg6mti6mzi&renderedButtons=paypal&storageID=uid_f1cc330092_mtg6mti6mzi&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=fcf7fa5658&version=min&xcomponent=1
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 25 Oct 2021 18:12:33 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
paypal-debug-id
f335044c3b4a7
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4032-HHN
x-timer
S1635185553.283041,VS0,VE159
etag
W/"32d-KI6neZiDCN4z6pWjE+MN+PsQ2/Y"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/ Frame 80A1 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=YhkYx1k-yvvb8OonJPmOpoJY&k=6LfKOL8ZAAAAAAfjhgBvIHBK0WOV-jxeADgwAIEL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
295426f89c923624640e8f1bb52e3438a7b43fb7efa84c1dc6bbbd41971c0f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 15:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25743
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 04:02:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Tue, 25 Oct 2022 15:06:20 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/ Frame 80A1 		346 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=YhkYx1k-yvvb8OonJPmOpoJY&k=6LfKOL8ZAAAAAAfjhgBvIHBK0WOV-jxeADgwAIEL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
dda2aba38252dcb4fde2222ecdcf5806f23fc3e9400f310f0ee1927329243c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 18:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
138388
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 04:02:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Tue, 25 Oct 2022 18:11:40 GMT
t84yrcf3x85chhtv
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t84yrcf3x85chhtv
Protocol
HTTP/1.1
Server
18.158.107.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://caringcent.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://caringcent.org
Access-Control-Max-Age
3000
Date
Mon, 25 Oct 2021 18:12:33 GMT
Server
nginx
Content-Length
0
Connection
keep-alive
t84yrcf3x85chhtv
client-analytics.braintreegateway.com/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t84yrcf3x85chhtv
Requested by
Host: caringcent.org
URL: https://caringcent.org/static/js/4.65c07ae7.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.107.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-107-139.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://caringcent.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 25 Oct 2021 18:12:33 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://caringcent.org
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
logger
www.paypal.com/xoplatform/logger/api/ Frame DBE0 		822 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2021-9-25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
56a991b7e1e7554b23691f27f5a91b9e10acb97ba519cdb8960fba972cd29e93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/button?env=production&style.label=checkout&funding.disallowed=venmo%2Citau%2Ccard%2Cideal%2Celv%2Cbancontact%2Cgiropay%2Csofort%2Ceps%2Cmybank%2Cp24%2Czimpler%2Cblik%2Cmaxima%2Cboleto%2Coxxo%2Cmercadopago%2Ccredit&domain=caringcent.org&sessionID=uid_0937026936_mtg6mti6mzi&buttonSessionID=uid_323692c192_mtg6mti6mzi&renderedButtons=paypal&storageID=uid_f1cc330092_mtg6mti6mzi&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=fcf7fa5658&version=min&xcomponent=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Oct 2021 18:12:33 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
paypal-debug-id
f335044438646
strict-transport-security
max-age=63072000; includeSubDomains; preload
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn4032-HHN
x-timer
S1635185553.351421,VS0,VE160
etag
W/"336-NPHoTPWKvsF/ZyAr5H9jLd2lKcA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforexrselect boolean| originAgentCluster object| webpackJsonpdonate number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| setImmediate function| clearImmediate object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| __postRobot__ object| __zoid__ function| onLegacyPaymentAuthorize function| watchForLegacyFallback function| onLegacyFallback string| LOG_LEVEL function| __pptmLoadedWithNoContent object| paypal object| PAYPAL object| ppxo object| paypalDDL object| recaptcha object| closure_lm_639506 object| braintree object| __paypal_global__

10 Cookies

Domain/Path Name / Value
.paypal.com/ Name: l7_az
Value: dcg14.slc
.paypal.com/ Name: ts_c
Value: vr%3Db8a76cfb17c0a7a0998115a2fe575723%26vt%3Db8a76cfb17c0a7a0998115a2fe575722
.paypal.com/ Name: ts
Value: vreXpYrS%3D1729879953%26vteXpYrS%3D1635187353%26vr%3Db8a76cfb17c0a7a0998115a2fe575723%26vt%3Db8a76cfb17c0a7a0998115a2fe575722%26vtyp%3Dnew
.c.paypal.com/ Name: sc_f
Value: r1ERBEOGUZlvET5G1nbFW5ikXUssa0LzNICrH4xqHPvoV8ZkhdYTqbHRGMLNLK59rg0sMmEs7PYV7w0BDctjJ405dmS8XlymK0yt4W
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: Nv69_gTJsbaAUBIG-TuR2MSFZ9PcL3MoqOU80R3nS8ijjE1r0FFxkpKJMO6Xk69uMVlGLAQ6Os2KXg-m
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: de_DE%3BDE
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTYzNTE4NTU1MzQyMSIsImwiOiIwIiwibSI6IjAifQ
www.paypal.com/ Name: nsid
Value: s%3A8qaNUCUmN3JSd2lKcVCLimmBYBNNtTYn.%2BiW1Ym2G22RUGIrFLZt47lGIT8iItRHOOpuk5RzMEY4
.paypal.com/ Name: tsrce
Value: loggernodeweb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7axux.r.ah.d.sendibm4.com
assets.braintreegateway.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
caringcent.org
checkout.paypal.com
client-analytics.braintreegateway.com
dub.stats.paypal.com
fonts.gstatic.com
js.braintreegateway.com
payments.braintree-api.com
s3.amazonaws.com
t.paypal.com
ut3ipqogf8.execute-api.us-east-1.amazonaws.com
www.google.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
104.89.6.113
13.32.22.96
142.250.186.35
142.250.186.99
151.101.129.21
151.101.129.35
151.101.193.35
172.217.16.132
18.158.107.139
18.66.122.119
18.66.97.5
185.107.232.127
35.156.167.229
52.216.98.77
52.222.214.85
52.222.236.39
64.4.245.84
057f9a646ec0f275793e8aa905e717bfe89a0958c9c9ddd2ed20401821a6c730
073518fe83434375ce16426db4c5bb493ef07677a6c9a634e43907cf028a6e6f
0756ff7fba8655e748b94b9f4a306f3e43ba3b6adfbfd884b1df9e2e83275aab
0792da4bfcee2d42d77ce9822fd71f13efa4fb92e556add6891a95545313567a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0e92bf0cbcdde5ea9f90de722d67dd590db9aeb66d9ed9f23348eeaedc635187
10f6bf9c82f198a1867ad8f207e6fd37f67c9cd2adf0fa44368cbb2c271c9a81
15e1c4fc886c0b24d00ef87145399b1f666867a465ec21db08134a71c1762284
1984bb55a5d183b159d88a742286d846dbab5338c594fb466a19d5abc7b8b42a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2102b49da0e499941b8b52d735b4c33b3ee5fe00c67694f52121a97df24e5347
295426f89c923624640e8f1bb52e3438a7b43fb7efa84c1dc6bbbd41971c0f10
2b3efd184daf6929faa4d1dc38474a31000a78307fa33d701b650e121c7a2e2c
2e571e0139f216f7da95d65093c54cfe5137027a1eff577bb11d92fb347bc007
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4f4bf5e829a25e9a4a03df589434f1cdf2fe255ae23e7fe99a3e79a88e20175c
56a991b7e1e7554b23691f27f5a91b9e10acb97ba519cdb8960fba972cd29e93
5ad5e54e9641d4331adca79d979ff1e10a2950b084e08d93b49446f9781cca9b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
79aa8e04fa5ced4280144eb3233e6fb62a92295a73bc6d49f05ab0c5e482d35c
7e427b445520894718a4a2bdcc105b8de7d2c419e17a228cceea7956bf809db9
8221f7477125dc315a648d38d5ca4e10d4c7bf544ce868c48a90944b5593a6c8
8cbdb024ff3cad566288e531f7663eaf9d37a903a3869937f5913280f6cfb62d
8f087e61b8665a4b3943a9b542a78675a3430a3669a21b66718be0070e92044e
8f6d6ddb487219e76408bfd31d0c2bf006d5b7958bd4ad0ac4d5561c10d2d4bd
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9bf52e7200d3589eded06eb3f59eb3736b15f5e4cfea740072823c2d51aad7ea
9d28b22786d352a6aab7748d85909448701ef57719711bc2cf8baf7b553a47e5
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3
b1eb125f0f1647a2c8d93c2319159de7e4123b95bb875aadad5690dc03ac15d7
b238b72ad6da10943bacafe6749e6ffb315c7938ba10e9938b8551af02555507
d09a017932426eee86a6c0671314cd7fc9d709c767d9ecd3fd868528c3f57edf
d0dbc5ef3b314b47fb67772f04b1a75d321b04332497e07bce5a78ed0e7e2a47
d1f214ca8c484f2bd2cac63685b3c15f9832daff229d19209986c8c2e9de7a8b
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d5e9aec2f9d45a12e171039196a9a504360bd1d58edcf3c0f95ecd94e7cc87a5
dda2aba38252dcb4fde2222ecdcf5806f23fc3e9400f310f0ee1927329243c78
de689d426bac1d3da6612a940250b99a75f4ccc61cf28e8d9e96d0e94775f9dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e90d38eb6822267f218115bbe5d2f6ed39b4c5ba67360c94e00d60ab2d3e84c7
f353fe0e1ffbb3bc712f3069cb28aa9295e4fa6f7db18bcb89cb47923944bec8
f6f4e32543dfc841f0e51035bdec271e967c647943ebc0f03810faa4dc3caacb
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378