give.forward.com Open in urlscan Pro
2606:4700::6810:135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.forwardcdn.com/u/click?_t=4616583590614aeb8da9a4f87d20e5fd&_m=73bb81f749384f01a6b5084c5183cc5f&_e=G5fjynQud4Xix...
Effective URL:
https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757
Submission: On August 04 via manual (August 4th 2023, 8:13:51 am UTC) from IN — Scanned from DE

Summary HTTP 126 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 16 domains to perform 126 HTTP transactions. The main IP is 2606:4700::6810:135, located in United States and belongs to CLOUDFLARENET, US. The main domain is give.forward.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2023. Valid for: a year.

This is the only time give.forward.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:249... 2600:9000:2490:9200:1a:610:66c0:93a1	16509 (AMAZON-02) (AMAZON-02)
30	2606:4700::68... 2606:4700::6810:135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:225... 2600:9000:2250:1e00:2:8531:afc0:93a1	() ()
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	52.222.214.33 52.222.214.33	16509 (AMAZON-02) (AMAZON-02)
14	99.86.4.76 99.86.4.76	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:bb0e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c0c::5c	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
30	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	52.30.58.64 52.30.58.64	16509 (AMAZON-02) (AMAZON-02)
2	13.248.139.42 13.248.139.42	16509 (AMAZON-02) (AMAZON-02)
3	52.34.104.217 52.34.104.217	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
126	21

1 2600:9000:2490:9200:1a:610:66c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

links.forwardcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700::6810:135 (United States)

ASN13335 (CLOUDFLARENET, US)

give.forward.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2250:1e00:2:8531:afc0:93a1 (United States)

ASN- ()

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-33.fra56.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:bb0e (United States)

ASN13335 (CLOUDFLARENET, US)

pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.58.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-58-64.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.139.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

api.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.34.104.217 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-104-217.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	stripe.com js.stripe.com — Cisco Umbrella Rank: 1773 q.stripe.com — Cisco Umbrella Rank: 17860 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 9830 r.stripe.com — Cisco Umbrella Rank: 5968 m.stripe.com — Cisco Umbrella Rank: 1659	609 KB
18	classy.org prod-frs.content.classy.org — Cisco Umbrella Rank: 63609 pay.classy.org — Cisco Umbrella Rank: 72940 assets.classy.org — Cisco Umbrella Rank: 75562	1 MB
16	google.com pay.google.com — Cisco Umbrella Rank: 3290 play.google.com — Cisco Umbrella Rank: 63	419 KB
16	forward.com give.forward.com	61 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	291 KB
4	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 6228	124 KB
3	braintreegateway.com js.braintreegateway.com — Cisco Umbrella Rank: 7569 api.braintreegateway.com — Cisco Umbrella Rank: 9553	50 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1934	16 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	65 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 729	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	1 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 13118	43 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1022	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 32861	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1161	7 KB
1	forwardcdn.com 1 redirects links.forwardcdn.com	1 KB
126	16

	Domain	Requested by
22	r.stripe.com	js.stripe.com
16	give.forward.com	give.forward.com cdn.transcend.io
14	js.stripe.com	cdn.transcend.io js.stripe.com
12	play.google.com	www.gstatic.com
11	prod-frs.content.classy.org	give.forward.com cdn.transcend.io prod-frs.content.classy.org
8	q.stripe.com	give.forward.com
7	fonts.gstatic.com	fonts.googleapis.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	js.stripe.com pay.google.com give.forward.com www.gstatic.com
4	pay.classy.org	cdn.transcend.io
4	cdn.transcend.io	give.forward.com cdn.transcend.io
3	m.stripe.com	m.stripe.network
3	assets.classy.org
2	api.braintreegateway.com	cdn.transcend.io
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.youtube.com	cdn.transcend.io
1	merchant-ui-api.stripe.com	js.stripe.com
1	code.jquery.com	cdn.transcend.io
1	fonts.googleapis.com	cdn.transcend.io
1	cdn.plaid.com	cdn.transcend.io
1	js.braintreegateway.com	cdn.transcend.io
1	unpkg.com	cdn.transcend.io
1	htp.tokenex.com	cdn.transcend.io
1	static.cloudflareinsights.com	give.forward.com
1	links.forwardcdn.com	1 redirects
126	25

This site contains links to these domains. Also see Links.

Domain
forward.com
www.classy.org

Subject Issuer	Validity	Valid
give.forward.com Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2023-02-08` - `2024-01-12`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-07-21` - `2024-08-20`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-07-31` - `2023-11-30`	4 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-08-01` - `2023-11-02`	3 months	crt.sh
api.braintreegateway.com DigiCert SHA2 Extended Validation Server CA	`2022-09-07` - `2023-10-08`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-31` - `2023-10-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757
Frame ID: 216AA70F4E8538EF71731803124BA9E6
Requests: 58 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: FF5B1E622038391909C5EA241CE6CE5F
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-78a52aaab8ec975504862fbbc86b413e.html
Frame ID: F6C142241CF981C57F1231FD5D0A70C8
Requests: 28 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-edb29b18f7fd6175ccf5c873219d9a87.html
Frame ID: 165E250C1AA27A42ED6092FA1DBE1F75
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-893c47193a47fc8d30c5f7113c8f627b.html
Frame ID: F88F30E5208EB0493F65CA104D07B4F2
Requests: 5 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B8A8F7CA28A245B01BD64087D268FF92
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 094A127E9EB8E4C91A0A515F6FB004CF
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to Forward Donation

Page URL History Show full URLs

https://links.forwardcdn.com/u/click?_t=4616583590614aeb8da9a4f87d20e5fd&_m=73bb81f749384f01a6b5084c5183c... HTTP 303
https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition... Page URL

Detected technologies

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

126
Requests

100 %
HTTPS

59 %
IPv6

16
Domains

25
Subdomains

21
IPs

5
Countries

2993 kB
Transfer

10515 kB
Size

18
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://forward.com/
Title: Forward.com

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://forward.com/legacy
Title: forward.com/legacy

Search URL Search Domain Scan URL

URL: https://forward.com/ways-to-support-the-forward/
Title: this page

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/cookies/
Title: Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/copyright/
Title: DMCA Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.forwardcdn.com/u/click?_t=4616583590614aeb8da9a4f87d20e5fd&_m=73bb81f749384f01a6b5084c5183cc5f&_e=G5fjynQud4XixLzaJcpZ0X7DPJuLarBTSm9FaC3wQX8DUwz4h0R6M-9EJVRzbCkhpCZQOlQ2-11I4iW0BakrPSl3jJeJGARXz-x1CcBwC4JES8rLdQg_MrdNWyMhf55noVP_jhrgTEwC5lLseAqwZd1-ooKz73SKSRUUcpylYzpOY7M8Sw37ol4_qHSFiv9nEsSFAoOAA7TioaO8aOgIkdDPhijXA5O4NDxnRIHXW5BNcxaTAr2RQ6xsDMVVwGEoulWWQTKUyN7CMSqEZ4C6rwUSzTDYy5Oia-QfE5IXF4CKQr_4Xv5JCmVNL-hdK5U4BAoBaYNml-Ey4zPCjZ3AsmekXSXZWJS_wqadBpdUcAc%3D HTTP 303
https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

126 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
give.forward.com/give/224077/
Redirect Chain

https://links.forwardcdn.com/u/click?_t=4616583590614aeb8da9a4f87d20e5fd&_m=73bb81f749384f01a6b5084c5183cc5f&_e=G5fjynQud4XixLzaJcpZ0X7DPJuLarBTSm9FaC3wQX8DUwz4h0R6M-9EJVRzbCkhpCZQOlQ2-11I4iW0BakrP...
https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

113 KB
31 KB

811ms
756ms

Document
text/html

2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

855bdad87a3e18046468043a285b9d8be2823316988ec0e084d0d28a6006a484

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7f1557bb2b280482-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Fri, 04 Aug 2023 08:13:44 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

content-length: 0
content-security-policy: base-uri 'none'; worker-src 'self' blob:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub46dd5cf52153d917fc1d5e91ff3a600d&dd-evp-origin=content-security-policy&ddsource=csp-report; frame-ancestors 'self' https://links.iterable.com; script-src 'none'; object-src 'none'
date: Fri, 04 Aug 2023 08:13:43 GMT
location: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757#!/donation/checkout?c_src=SundayNLtop
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
request-time: 2
server: iterable-links d881
vary: Origin
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-amz-cf-id: O6Y4eNGgEc0pB0gzFABDrmlHbMt6wsSYWoRoF5Ng2LF_heTIZhsP4w==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 main.css
prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/frs/ 1 MB
143 KB 75ms
43ms Stylesheet
text/css 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/frs/main.css

Requested by

Host: give.forward.com
URL: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98cd8019ec1c531fec04381b5ac4914bf66dc8a7e5ac0e1fd52654118946161d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: MPXXTQ8HXHABZE64
age: 31968
cf-polished: origSize=1127845
x-amz-server-side-encryption: AES256
x-amz-id-2: 2ytUEu5VYv5tUx9B5nAgDxdBZHNkVSu8BunZo3sj8hqRDsBLuX2UIXII01y/2WfzzTmirWOmLb0=
cf-bgj: minify
last-modified: Tue, 01 Aug 2023 23:06:44 GMT
server: cloudflare
etag: W/"38756e0ef6d52b4369d0ffc9ca0fcaae"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7f1557c0ef792c1c-FRA

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 131 KB
45 KB 40ms
8ms Script
application/javascript 2600:9000:2250:1e00:2:8531:afc0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: give.forward.com
URL: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:1e00:2:8531:afc0:93a1 , United States, ASN (),

Reverse DNS

Software

CloudFront /

Resource Hash

7844c09e72fbc0439682ef4b71ae2feee2f803791423b5415c3109e66d5439e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:44 GMT
content-encoding: br
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: qHhOQnqpzvr5nCvftWa-oSvwj_ROb7mD8Qw2J5jV0AivuOa2CrlSNQ==
x-xss-protection: 1; mode=block

GET
H2 200 rocket-loader.min.js Show response
give.forward.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 12ms
11ms Script
application/javascript 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.forward.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: give.forward.com
URL: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 01 Aug 2023 12:35:41 GMT
server: cloudflare
content-encoding: gzip
etag: W/"64c8fc1d-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7f1557c129f40482-FRA
expires: Sun, 06 Aug 2023 08:13:44 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 66ms
45ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: give.forward.com
URL: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://give.forward.com/
Origin: https://give.forward.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:44 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7f1557c15e1a9193-FRA

GET
H2 200 ui.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 267 KB
72 KB 23ms
8ms Script
text/javascript 2600:9000:2250:1e00:2:8531:afc0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:1e00:2:8531:afc0:93a1 , United States, ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aa8805eb85efe71ac8af603eaeeeb860831fc4ba4809dd8d78384c803140d27a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.forward.com/
Origin: https://give.forward.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Sik9k8x85QPCMbCPdBxzSb27.TXvmRyo
content-encoding: br
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
date: Fri, 04 Aug 2023 03:39:28 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 16456
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 03 Aug 2023 03:39:20 GMT
server: AmazonS3
etag: W/"4dd32982057be53922ac29bd83c7662c-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: FXqiC8wjKArIyFwJ7-AtUkrKgfqruNx5GdmtPZJ-MAtZIIuwQCs2Zg==

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 18 KB
5 KB 518ms
124ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6a4e868fc237b96dd75784aa3f06da5671c505b5a94795472e7a51fa18660de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Aug 2023 08:13:44 GMT
last-modified: Thu, 20 Jul 2023 20:49:05 GMT
etag: "8076149f4bbbd91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4758
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 49ms
20ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:44 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8646544
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GYY3RGJ4D9XSPG1ZQF9BXTDW-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7f1557c2d8ce18e2-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/frs/donation/ 182 KB
37 KB 77ms
76ms Script
application/javascript 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/frs/donation/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd4c9562ac28e2ff1a8f3ccd6361cbbd2a1c4e58d3969a03c70f774050f95a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 23:06:44 GMT
server: cloudflare
x-amz-request-id: MPXNB2ZWWK640X5P
age: 31968
etag: W/"5be8dafd7c5c76e98909911a7f70efa2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7f1557c2a99e2c1c-FRA
x-amz-id-2: UeR8c0KC4ljLTEBmkIqpG36yMNeI6V0qIt6Pxgl+xicxd68qijJSbyQqvdBCqhiWwhoC9R/Rj2E=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/ 2 MB
382 KB 51ms
51ms Script
application/javascript 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a43c23c66c7686d5dea82aeee1b825d82c815e72f80e4b4ecc813019449395a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 23:06:45 GMT
server: cloudflare
x-amz-request-id: 15B1YQBMYY615Z01
age: 32024
etag: W/"4ed519a7c3148b33f40218f4344f0128"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7f1557c2a99f2c1c-FRA
x-amz-id-2: FsGef40BU2l12R/qW+VqRf/4Q4aqJQw5YXbaO51iBIKxzXb0c1qwpnkMuSymyIS87GH1GrG5RrE=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/ 1 MB
430 KB 34ms
34ms Script
application/javascript 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/libs.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 23:06:45 GMT
server: cloudflare
x-amz-request-id: 15BFMZN3TR2G7JP2
age: 32024
etag: W/"772e1301b871cc2545926cb86ee5965f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7f1557c2a9a02c1c-FRA
x-amz-id-2: 86lz/gztSn2BKXInL6M3JLt4FWR9xzujZA7Z08xW+vzIGwMLeBIYU3FPA73HXf2IWQ1sk6fAFSM=

GET
H2 200 braintree.js Show response
js.braintreegateway.com/v2/ 175 KB
47 KB 64ms
10ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/v2/braintree.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2f57fab97c15bf3519176fcd494f12d36d24ca3d761a787a1e66a1058bc6b30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:44 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 9184ad26b7ae6
dc: ccg11-origin-www-1.paypal.com
content-length: 48132
x-served-by: cache-sjc1000143-SJC, cache-fra-eddf8230089-FRA
last-modified: Fri, 10 Dec 2021 00:01:33 GMT
traceparent: 00-00000000000000000009184ad26b7ae6-5fe02c270dde5e58-01
x-timer: S1691136825.797799,VS0,VE0
etag: W/"61b298dd-2bc3c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 4288, 162

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 143 KB
43 KB 65ms
38ms Script
application/javascript 52.222.214.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-33.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 82b3d2b84d475ae4f8b51ca8791e4ef942eea2b1dc4abaaebaf9cde57205999d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 18:19:18 GMT
x-amz-version-id: ZFctw9qvrvbBIv8Dr3PWjsWa3eCjXkRI
content-encoding: gzip
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
x-amz-request-id: CMWERBYDN2RA4P48
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
age: 50067
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: QVGTIGr3PxaDRRBTE4lFjJAEL+t1S9Yt+3DMZftKtnBHw3DCR0p3gwsp0ZIbYy/9rfVXfSq7gYU=
last-modified: Thu, 03 Aug 2023 17:39:46 GMT
server: AmazonS3
etag: W/"137cb578385515e42535eed9485b60b0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: HQjMhZMR1Hykp5UUQCq5U0FaU21L1wG11KS3K3bRECtVf-00Rt3yXg==

GET
H2 200 / Show response
js.stripe.com/v3/ 517 KB
128 KB 83ms
8ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

31a9734bf96f4a261ad9ae679cad02b454e47dafeabb49736569b9dddd7187f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 04 Aug 2023 08:12:53 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 51
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Aug 2023 20:07:22 GMT
server: Cloudfront
etag: W/"1f9a4d5adb36c77e51e1f5836e125b0e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: iMXYWkYuJJmoaA_XLO4LVZfbyRObmTndNXNsAj6_p3BD5Wq5757aEQ==

GET
H2 200 cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 15 KB
4 KB 9ms
6ms Stylesheet
text/css 2600:9000:2250:1e00:2:8531:afc0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:1e00:2:8531:afc0:93a1 , United States, ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4b30da9caad65ee78eaa78e84571694935dbdcc393b1d7302eeb8c1ac9b2735a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: P8oaJa8xLWwSmBSNn7u5L3guO6awNoAt
content-encoding: br
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
date: Fri, 04 Aug 2023 03:39:28 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 16456
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 03 Aug 2023 03:39:20 GMT
server: AmazonS3
etag: W/"0e0e602f03ad86f1ce7418fdf404c358-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: 3DfrWAlvSyFf97p8nkvZlcDYlbDUm4vlZG59WPEnn0pKnRcS0O8m1Q==

GET
H2 200 en.json Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ 6 KB
2 KB 9ms
9ms Fetch
application/json 2600:9000:2250:1e00:2:8531:afc0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:1e00:2:8531:afc0:93a1 , United States, ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a43da7cb17a78b2fa926f5fd74bf098301844fd2d32fe4c481c03392dcf3fb0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: rWY_2TFrPz_DqK42xMgbBtEAAl6QQC24
content-encoding: br
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
date: Fri, 04 Aug 2023 03:39:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 16455
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 03 Aug 2023 03:39:20 GMT
server: AmazonS3
etag: W/"b57de9d14ad2fbbf814632b7f9e8bd0b-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: Xgj6B4XJRt5Pt26Qfe112lFY6UwlgNXdbIJ3ooAnTRMbX5LI6MiKTA==

GET
H2 200 sdk.js Show response
give.forward.com/sso/ 25 KB
7 KB 526ms
525ms Script
application/javascript 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.forward.com/sso/sdk.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a39c7130747e5795889aa3ee603173b357eb0deade0252622413c78ddbe00350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 04 Aug 2023 06:15:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 7f1557c5df540482-FRA
expires: Fri, 04 Aug 2023 08:33:45 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame FF5B 200 B
1 KB 10ms
10ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.forward.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2551
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 04 Aug 2023 07:31:14 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Fri, 21 Jul 2023 22:17:59 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-id: XwbqcSSDYmbsC3jRepe80deM34aAplxp2_eOxB-0_fG_cu44vH4okA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 56ms
25ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5bd8651b4dc62caae9fe18a12109eb26eec54b2311bd0339e9c5a53f31b275b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 04 Aug 2023 08:13:45 GMT

GET
H2 200 tax-entities Show response
give.forward.com/frs-api/organizations/60062/ 629 B
427 B 449ms
449ms XHR
application/json 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.forward.com/frs-api/organizations/60062/tax-entities

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c7c06c2f53f9655d4e600abbfb48284d0c10e3e90b6a6ca4bfdafe1c0d5c914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: qr1UZA9N-6ihzRvRIJqD2WDtTMypiBcUM2Sk
tracestate: 423787@nr=0-1-423787-363751183-4ed007283a9fc871----1691136825664
traceparent: 00-4a6323494964568d4762bd79c8903700-4ed007283a9fc871-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0ZWQwMDcyODNhOWZjODcxIiwidHIiOiI0YTYzMjM0OTQ5NjQ1NjhkNDc2MmJkNzljODkwMzcwMCIsInRpIjoxNjkxMTM2ODI1NjY0fX0=
Accept: application/json, text/plain, */*
csrf-token: qr1UZA9N-6ihzRvRIJqD2WDtTMypiBcUM2Sk
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"275-zhFq4d3Vcu7GSjxylX36KMBP4Uk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f1557c86a680482-FRA

GET
H2 200 market-data Show response
give.forward.com/frs-api/crypto-giving/BTC/USD/ 35 B
123 B 403ms
402ms XHR
application/json 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.forward.com/frs-api/crypto-giving/BTC/USD/market-data

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

686a368693fc931f956b751518ee0e941c6917a48fb1bc5478bf641beb5f3739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: qr1UZA9N-6ihzRvRIJqD2WDtTMypiBcUM2Sk
tracestate: 423787@nr=0-1-423787-363751183-ec39191c9c88d515----1691136825919
traceparent: 00-8589316162b9c8dad3801fbfa49f5a00-ec39191c9c88d515-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlYzM5MTkxYzljODhkNTE1IiwidHIiOiI4NTg5MzE2MTYyYjljOGRhZDM4MDFmYmZhNDlmNWEwMCIsInRpIjoxNjkxMTM2ODI1OTE5fX0=
Accept: application/json, text/plain, */*
csrf-token: qr1UZA9N-6ihzRvRIJqD2WDtTMypiBcUM2Sk
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"23-k09qu6fzJj3hsLOhcV6RvH+cU4M"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 7f1557ca0c390482-FRA
content-length: 35

GET
H2 200 ach-account-routing Show response
give.forward.com/frs-api/organizations/60062/ 33 B
823 B 424ms
423ms XHR
application/json 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.forward.com/frs-api/organizations/60062/ach-account-routing

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: qr1UZA9N-6ihzRvRIJqD2WDtTMypiBcUM2Sk
tracestate: 423787@nr=0-1-423787-363751183-25795513719d722e----1691136825921
traceparent: 00-1ff295b7244ea2883e2011bcc53dba00-25795513719d722e-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyNTc5NTUxMzcxOWQ3MjJlIiwidHIiOiIxZmYyOTViNzI0NGVhMjg4M2UyMDExYmNjNTNkYmEwMCIsInRpIjoxNjkxMTM2ODI1OTIxfX0=
Accept: application/json, text/plain, */*
csrf-token: qr1UZA9N-6ihzRvRIJqD2WDtTMypiBcUM2Sk
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.2NuvrHTOhj2O0U4O2hX5s46BdPnU5qp25ADofHVOr8-1691136826-0-Ae9H9qQPBH-W3_fdngPRyX_COirELxyYNz9qUDBoJ74xh0qfryPvk34JKAEz_lGqE1DW3iOQWxvRcb6EOyiRNf39RhNs6gbMr3SHxdu7gjQRkshpYD29YWxePhP5wZSA84Y2QuCbxETALVmgZ-00IMTUIXnCtWCBcVtp7utNqPcW8tYocceF1GSKpCE5RfKi4Q; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=.2NuvrHTOhj2O0U4O2hX5s46BdPnU5qp25ADofHVOr8-1691136826-0-Ae9H9qQPBH-W3_fdngPRyX_COirELxyYNz9qUDBoJ74xh0qfryPvk34JKAEz_lGqE1DW3iOQWxvRcb6EOyiRNf39RhNs6gbMr3SHxdu7gjQRkshpYD29YWxePhP5wZSA84Y2QuCbxETALVmgZ-00IMTUIXnCtWCBcVtp7utNqPcW8tYocceF1GSKpCE5RfKi4Q"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f1557ca0c400482-FRA
content-length: 33

GET
H2 200 braintree Show response
pay.classy.org/token/ 2 KB
2 KB 847ms
814ms XHR
application/json 2606:4700::6812:bb0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/braintree?applicationId=10512&currency=USD

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da694f27e42141917a6f3061d91c3074497bdaf1273e107b892386e8b8419ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.forward.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: cfa5c0b7-719b-4661-97af-15fdd68e6837
cf-ray: 7f1557ca7b72194b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
585 B 429ms
396ms XHR
application/json 2606:4700::6812:bb0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=10512&currency=USD

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.forward.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 6dc727e7-a320-464a-8f27-c53e018056ea
cf-ray: 7f1557ca7b74194b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/fonts/ 42 KB
43 KB 47ms
30ms Font
application/x-font-woff 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef41c30318981cdcb96dbc64272f44ae155ee910245ab04eadbeca7c582758fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/frs/main.css
Origin: https://give.forward.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: D1FZPXB83SXZNAJ2
age: 29857
x-amz-server-side-encryption: AES256
content-length: 43184
x-amz-id-2: 7HbLNblDZK8pHY5Pm4tI5MiUzM6pesguZSP/GKtPnIwttaatmkcX6GUrS6Kw6jcY73ngVMJmHQBZdadAy+6fHg==
last-modified: Tue, 01 Aug 2023 23:06:45 GMT
server: cloudflare
etag: "1e94b06d2e51f20a563314459ecb4184"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7f1557cb1d4a085d-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/fonts/ 65 KB
66 KB 54ms
37ms Font
binary/octet-stream 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/frs/main.css
Origin: https://give.forward.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: D1FYT3B01JRZ4S6K
age: 29857
x-amz-server-side-encryption: AES256
content-length: 66624
x-amz-id-2: kIpwnP9jTtbdu5HVYt+rwkVJDGFdEqTYiMtNenH6mN62e+8PSL47Rr6HY+Y/0woJ3twgBZuXXrJ8hDIjQ/EflQ==
last-modified: Tue, 01 Aug 2023 23:06:44 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7f1557cb1d50085d-FRA

GET
H2 200 designations Show response
give.forward.com/frs-api/campaigns/224077/ 1 KB
617 B 461ms
459ms XHR
application/json 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.forward.com/frs-api/campaigns/224077/designations?filter=id%3D153864

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9149cc992e285a9f99d6f0d6ecaf1d6dca1221706906242180e5867bb6728c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: JZpRZX1M-hEWBA_l-Ammr7cW2bWch7KVJ02I
tracestate: 423787@nr=0-1-423787-363751183-b3c3bbdcd2b7398e----1691136826203
traceparent: 00-84ee189d9359836cb5059a0d8a8dd100-b3c3bbdcd2b7398e-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiM2MzYmJkY2QyYjczOThlIiwidHIiOiI4NGVlMTg5ZDkzNTk4MzZjYjUwNTlhMGQ4YThkZDEwMCIsInRpIjoxNjkxMTM2ODI2MjAzfX0=
Accept: application/json, text/plain, */*
csrf-token: qr1UZA9N-6ihzRvRIJqD2WDtTMypiBcUM2Sk
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"515-kpedDWg5rvaQGu4nknH2mV/ejFg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f1557cbce820482-FRA

GET
H2 200 designations Show response
give.forward.com/frs-api/campaign/224077/ 3 KB
1000 B 443ms
442ms XHR
application/json 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.forward.com/frs-api/campaign/224077/designations?per_page=100

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5429753009ae95f396738f679b8a1bec34ff205cfe4344f132f97b6c4e4a4cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: JZpRZX1M-hEWBA_l-Ammr7cW2bWch7KVJ02I
tracestate: 423787@nr=0-1-423787-363751183-2a64ba3539d17791----1691136826205
traceparent: 00-73d6f684f40d3104c40714669a06c100-2a64ba3539d17791-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyYTY0YmEzNTM5ZDE3NzkxIiwidHIiOiI3M2Q2ZjY4NGY0MGQzMTA0YzQwNzE0NjY5YTA2YzEwMCIsInRpIjoxNjkxMTM2ODI2MjA1fX0=
Accept: application/json, text/plain, */*
csrf-token: qr1UZA9N-6ihzRvRIJqD2WDtTMypiBcUM2Sk
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"d6c-q9SDktJcum68B1OZlmPsLNZO3OE"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f1557cbce830482-FRA

GET
H2 200 designations Show response
give.forward.com/frs-api/campaigns/224077/ 1 KB
657 B 444ms
443ms XHR
application/json 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.forward.com/frs-api/campaigns/224077/designations?filter=id%3D153864

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9149cc992e285a9f99d6f0d6ecaf1d6dca1221706906242180e5867bb6728c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: JZpRZX1M-hEWBA_l-Ammr7cW2bWch7KVJ02I
tracestate: 423787@nr=0-1-423787-363751183-bab42a2ca1d72977----1691136826207
traceparent: 00-621d4ec389952d1e5950d059fb9f2c00-bab42a2ca1d72977-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiYWI0MmEyY2ExZDcyOTc3IiwidHIiOiI2MjFkNGVjMzg5OTUyZDFlNTk1MGQwNTlmYjlmMmMwMCIsInRpIjoxNjkxMTM2ODI2MjA3fX0=
Accept: application/json, text/plain, */*
csrf-token: qr1UZA9N-6ihzRvRIJqD2WDtTMypiBcUM2Sk
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"515-kpedDWg5rvaQGu4nknH2mV/ejFg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f1557cbce850482-FRA

GET
H2 200 currency-conversions Show response
give.forward.com/frs-api/i18n/ 75 B
209 B 405ms
405ms XHR
application/json 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.forward.com/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b695c5e14b66e115c87eb8f5cc45a583377d49a57ec35818d70bb15d6243af08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: JZpRZX1M-hEWBA_l-Ammr7cW2bWch7KVJ02I
tracestate: 423787@nr=0-1-423787-363751183-bb9214ca75b05714----1691136826341
traceparent: 00-08fe891e48a926d4c12feca5fc8f8800-bb9214ca75b05714-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiYjkyMTRjYTc1YjA1NzE0IiwidHIiOiIwOGZlODkxZTQ4YTkyNmQ0YzEyZmVjYTVmYzhmODgwMCIsInRpIjoxNjkxMTM2ODI2MzQxfX0=
Accept: application/json, text/plain, */*
csrf-token: qr1UZA9N-6ihzRvRIJqD2WDtTMypiBcUM2Sk
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-+9N2f6y0AnezIqSE14qIQr1KyOg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f1557ccaf6d0482-FRA

GET
H2 200 braintree Show response
pay.classy.org/token/ 2 KB
2 KB 514ms
514ms XHR
application/json 2606:4700::6812:bb0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/braintree?applicationId=10512&currency=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd731e44490e31a9862bff17ef8378866814d1fd31eb81d6d946bd7f2f868cb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.forward.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 043caf8e-c31a-4702-a00c-10378775398b
cf-ray: 7f1557ccae11194b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 user-icon.png
give.forward.com/static/global/images/ 2 KB
2 KB 37ms
36ms Image
image/webp 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.forward.com/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 3684356
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Wed, 14 Jun 2023 00:12:04 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "648905d4-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7f1557ccbf770482-FRA
expires: Fri, 21 Jun 2024 16:47:50 GMT

GET
H2 200 816fce70-3609-11e9-8b92-0aabaa7e0bf2.png
assets.classy.org/9002514/ 1 KB
1 KB 103ms
92ms Image
image/webp 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/9002514/816fce70-3609-11e9-8b92-0aabaa7e0bf2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

574727e349f11f0be5f5edc57afe25019a8c2fc6d4d5a539eabd1e34d539ff10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3618e3d44154049697057e88849a4360.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: pzQgW6BFU0nv8uHLz3pxoS5H.Y0Iy3fo
age: 590483
x-amz-cf-pop: MXP53-P2
cf-polished: origFmt=png, origSize=3331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="816fce70-3609-11e9-8b92-0aabaa7e0bf2.webp"
content-length: 1132
last-modified: Thu, 21 Feb 2019 18:50:08 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "facaa13e7e9b3a98530078048397fbec"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7f1557ccc8f92c1c-FRA
x-amz-cf-id: UL07d8uS8nJM11H_4oaEIq61mv5L3JFtkRXGrrJSu-op3ZObXmPaTg==

GET
H2 200 1a5e6974-360b-11e9-abf7-0e89c285ce96.png
assets.classy.org/9002514/ 1 KB
2 KB 102ms
91ms Image
image/webp 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/9002514/1a5e6974-360b-11e9-abf7-0e89c285ce96.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

574727e349f11f0be5f5edc57afe25019a8c2fc6d4d5a539eabd1e34d539ff10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 6Lg_IBBKkc9dglI5wzd9mk7VOeZl8EdC
age: 590483
x-amz-cf-pop: FRA6-C1
cf-polished: origFmt=png, origSize=3331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="1a5e6974-360b-11e9-abf7-0e89c285ce96.webp"
content-length: 1132
last-modified: Thu, 21 Feb 2019 19:01:34 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "facaa13e7e9b3a98530078048397fbec"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7f1557ccc8fd2c1c-FRA
x-amz-cf-id: 8v6bmDjRqjIk7hNMEIGb57XvX1gU2mY3y1JBrmoVaWhAV9eh6sZv8A==

GET
H2 200 e1a05c52-c0de-11ec-806e-0a58a9feac02.png
assets.classy.org/8689985/ 156 KB
157 KB 106ms
95ms Image
image/webp 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/8689985/e1a05c52-c0de-11ec-806e-0a58a9feac02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7484012b8efad28d8e37589ffbaa60c02981c7c36124501cb2c62251aa334b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: btS4vOHkNFdTP3N0BBkzjwlyqv3mQqps
age: 144094
x-amz-cf-pop: AMS1-C1
cf-polished: origFmt=png, origSize=440463
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="e1a05c52-c0de-11ec-806e-0a58a9feac02.webp"
content-length: 160048
last-modified: Wed, 20 Apr 2022 19:20:05 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "a6759b0345ff44a6b0da03debd0a14d2"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7f1557ccc8fb2c1c-FRA
x-amz-cf-id: KQm2btUeB5FnmYRHUfgpu2kUMVAROK_UUCV_4yvAGDsEZPpxCUdK1A==

GET
H2 200 logo-paypal.svg
give.forward.com/static/global/images/payments/ 4 KB
3 KB 427ms
426ms Image
image/svg+xml 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.forward.com/static/global/images/payments/logo-paypal.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 23:03:30 GMT
server: cloudflare
etag: W/"64c98f42-1042"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f1557ccbf790482-FRA
expires: Sat, 03 Aug 2024 08:13:46 GMT

GET
H2 200 crypto-giving-coin-bitcoin.svg
prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/images/crypto-giving/ 1 KB
916 B 33ms
32ms Image
image/svg+xml 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/images/crypto-giving/crypto-giving-coin-bitcoin.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 23:06:45 GMT
server: cloudflare
x-amz-request-id: 2KSK8QNYJW62ZYDS
age: 31967
etag: W/"2861fb7a07b041686ba6360cf7908e28"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7f1557ccb8e62c1c-FRA
x-amz-id-2: EclUmzY/n4Go29MRgF2Vn8c7Bwrh3svr9DBsdld7qc0eph/yadtyFtxWvEVMewpUdn8qjC/Mp1Q=

GET
H2 200 crypto-giving-coin-ethereum.svg
prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/images/crypto-giving/ 545 B
420 B 28ms
27ms Image
image/svg+xml 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/images/crypto-giving/crypto-giving-coin-ethereum.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 23:06:45 GMT
server: cloudflare
x-amz-request-id: 2KSXZN1DEY7Y480K
age: 31967
etag: W/"c8896ba26efa2a5d9aa1659b4aef1f00"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7f1557ccb8e72c1c-FRA
x-amz-id-2: wSwMHFSDfpDHGxjpe98ykfWKbhRhb/ahHN7kHTkPVPHXu3V4m0h+mbDI0XlZp4qw85ijK826aCc=

GET
H2 200 crypto-giving-coin-usdc.svg
prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/images/crypto-giving/ 2 KB
1 KB 28ms
28ms Image
image/svg+xml 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/images/crypto-giving/crypto-giving-coin-usdc.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 23:06:45 GMT
server: cloudflare
x-amz-request-id: 2KSXECFAR03W2PS1
age: 31967
etag: W/"120e9a5c0d8ae8e313213cbb2284cafe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7f1557ccb8e82c1c-FRA
x-amz-id-2: KHGstQ4jgNs+KDFOenr8uzZIyRBAalsM7p4sB9nOLmcOD1+v+o85CyPGfjDT5BVLE+hbEogqnPY=

GET
H2 200 crypto-giving-arrows.svg
prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/images/crypto-giving/ 453 B
443 B 34ms
33ms Image
image/svg+xml 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/images/crypto-giving/crypto-giving-arrows.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 23:06:45 GMT
server: cloudflare
x-amz-request-id: 2KSHQVFYRGDZDD0R
age: 31967
etag: W/"332ba480e7dc5a9687ededc7c4333e80"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7f1557ccb8e92c1c-FRA
x-amz-id-2: 579NxcGq2UZU0kX72owS1wG867UeUGa7t79Eiagh2c0l1pqOMXPgpDHbz4iV6OqnMwdOllTha9s=

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/images/ 394 B
677 B 23ms
22ms Image
image/webp 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/b245528ca6037cf20c96dbb6fb8d176419b62130/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: 2KSTYGVRJKZXP42M
age: 31967
cf-polished: origFmt=png, origSize=547
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: QcWf2qo7HO6Yji3dxt0E+/yu/n7MnZTfax4dtYq7eaQNz5mWE+qqM/Nl2I1oXCLmcDNuofmoI/8=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 01 Aug 2023 23:06:45 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7f1557ccb8ea2c1c-FRA

POST
H2 204 rum Show response
give.forward.com/cdn-cgi/ 0
143 B 10ms
9ms XHR
text/plain 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.forward.com/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-0540ab1de4512310----1691136826364
traceparent: 00-dc09c3b63936b1bda2475751548cd300-0540ab1de4512310-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwNTQwYWIxZGU0NTEyMzEwIiwidHIiOiJkYzA5YzNiNjM5MzZiMWJkYTI0NzU3NTE1NDhjZDMwMCIsInRpIjoxNjkxMTM2ODI2MzY0fX0=
content-type: application/json
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://give.forward.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7f1557cccfa20482-FRA

GET
H3 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FF5B 631 B
999 B 9ms
9ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 04 Aug 2023 07:43:29 GMT
x-content-type-options: nosniff
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
age: 1818
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 631
last-modified: Wed, 26 Jul 2023 02:00:16 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: fW9ugc9KPyXRURbpn3JSCGMx99M450EtTHsoUvFNTZpP3BqJK9rmsA==

GET
H3 200 controller-78a52aaab8ec975504862fbbc86b413e.html Show response
js.stripe.com/v3/ Frame F6C1 325 B
1 KB 9ms
9ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-78a52aaab8ec975504862fbbc86b413e.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

12cba53acdbbb5396c1f085ea09168868b5e722e2e3d23fde06bedf94ca96b70

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.forward.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 57
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 04 Aug 2023 08:12:50 GMT
etag: "78a52aaab8ec975504862fbbc86b413e"
last-modified: Thu, 03 Aug 2023 19:36:05 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-id: 0ZpZxOMLSqm1ExCiSwaSShRtNB7pPGn5gYOFyICjUbJ3bWq7OkySCQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 payment-request-inner-google-pay-edb29b18f7fd6175ccf5c873219d9a87.html Show response
js.stripe.com/v3/ Frame 165E 408 B
1 KB 19ms
18ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-edb29b18f7fd6175ccf5c873219d9a87.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

18d557004bb5af9ede88e212f8736a1bffa19f319d92dfc1b585d39a60a9a0e8

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.forward.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2009
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 04 Aug 2023 07:40:56 GMT
etag: "edb29b18f7fd6175ccf5c873219d9a87"
last-modified: Thu, 03 Aug 2023 19:36:19 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-id: ke7j-pELJAb9fcE3TetzVBchtCyi49CcVCMd5aBZ6QDQhdsC86aXRw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 payment-request-inner-browser-893c47193a47fc8d30c5f7113c8f627b.html Show response
js.stripe.com/v3/ Frame F88F 344 B
1 KB 10ms
9ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-893c47193a47fc8d30c5f7113c8f627b.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f6989220ff0e2a705c49890ad50af7750ab3364a06cdc65c72193cc5068d01c7

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.forward.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 35
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 04 Aug 2023 08:13:31 GMT
etag: "893c47193a47fc8d30c5f7113c8f627b"
last-modified: Thu, 03 Aug 2023 19:36:19 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-id: 31Rrtyq_mbA76iE2xSjn7pFU-n7LTXxwUKQatmAB1-TeI3YOCL-gSA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53269878d5aafc41b44e729d4c787220da4cf746689526d56605f75ec697b167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Aug 2023 08:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 08:13:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Aug 2023 08:13:46 GMT

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
362 B 133ms
133ms XHR
application/json 2606:4700::6812:bb0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=10512&currency=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.forward.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 98f3c65b-ed5f-47cb-b870-9a29561e80b0
cf-ray: 7f1557cd5ecb194b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H3 200 shared-7c6365811cde2ae6649218e805d070a6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F6C1 497 KB
109 KB 18ms
17ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-78a52aaab8ec975504862fbbc86b413e.html

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6c9801eae4ff7c5a1caaad395fdaff7c5d870d768a2d7e10aa3dd02e8afbe687

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-78a52aaab8ec975504862fbbc86b413e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 04 Aug 2023 07:37:53 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
age: 2154
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Aug 2023 19:36:18 GMT
server: Cloudfront
etag: W/"180832e3712305515189fee4d532ee34"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: MoYrbVDWQHqSpG8DkkLESY3X99G5-pgTKeK-lYZKObWgrR0gU_DQ9w==

GET
H3 200 controller-69f2e086c6951f552337c160b67706b7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F6C1 501 KB
123 KB 20ms
19ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-69f2e086c6951f552337c160b67706b7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-78a52aaab8ec975504862fbbc86b413e.html

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c80067cfa1054c281cbe765415f506d945ba144ee7dc9c8b1d1a4d464b0cc929

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-78a52aaab8ec975504862fbbc86b413e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 04 Aug 2023 07:37:54 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
age: 2153
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Aug 2023 19:36:16 GMT
server: Cloudfront
etag: W/"dc6bfe3c1938d8b52b293187a3847c36"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: zmxdtBjjU5FToQ49VLDtKLAK56FlAa75XkCjc65CQunn7Who-Ok3tA==

GET
H3 200 shared-7c6365811cde2ae6649218e805d070a6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F88F 497 KB
109 KB 19ms
18ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-893c47193a47fc8d30c5f7113c8f627b.html

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6c9801eae4ff7c5a1caaad395fdaff7c5d870d768a2d7e10aa3dd02e8afbe687

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-893c47193a47fc8d30c5f7113c8f627b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 04 Aug 2023 07:37:53 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
age: 2154
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Aug 2023 19:36:18 GMT
server: Cloudfront
etag: W/"180832e3712305515189fee4d532ee34"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: yV1IqzWlonoUolAwhUEEwMH1WuEw_5IKMx4Wy1qZlaZROpl7h7FSAw==

GET
H3 200 payment-request-inner-browser-60213628200f3cf52c380275976f0441.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F88F 12 KB
5 KB 19ms
19ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-60213628200f3cf52c380275976f0441.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-893c47193a47fc8d30c5f7113c8f627b.html

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c90b93aefe3e302d14ecadafe3f8aa45b5f90db60d0d763d05650d205f518200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-893c47193a47fc8d30c5f7113c8f627b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 04 Aug 2023 07:29:55 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
age: 2635
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 22:19:44 GMT
server: Cloudfront
etag: W/"7d273750df5052a69a1190dbf1228b5e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: orBVQhgxZl5TAluzFC3OmSCnA42MZF4LNxrAluB-kIsDDFSraGNMmg==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 165E 117 KB
36 KB 524ms
74ms Script
application/javascript 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-edb29b18f7fd6175ccf5c873219d9a87.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

befe3b0e19e77a1734113d7c925766ae97ac1aa7ab47c4021c4a3cd70f388a76

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-sEoMBp0b5m0U27zyRgiIJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-sEoMBp0b5m0U27zyRgiIJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 04 Aug 2023 08:13:46 GMT

GET
H3 200 shared-7c6365811cde2ae6649218e805d070a6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 165E 497 KB
109 KB 17ms
16ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-edb29b18f7fd6175ccf5c873219d9a87.html

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6c9801eae4ff7c5a1caaad395fdaff7c5d870d768a2d7e10aa3dd02e8afbe687

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-edb29b18f7fd6175ccf5c873219d9a87.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 04 Aug 2023 07:37:53 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
age: 2154
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Aug 2023 19:36:18 GMT
server: Cloudfront
etag: W/"180832e3712305515189fee4d532ee34"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: tV960Pwdc3Sox1BWTIdmiDko_Lg5G7DQLYdGx9awZbLb0uwChZd21w==

GET
H3 200 payment-request-inner-google-pay-f708febb2c3bfb05a286ddc88e6d2143.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 165E 10 KB
4 KB 11ms
10ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-f708febb2c3bfb05a286ddc88e6d2143.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-edb29b18f7fd6175ccf5c873219d9a87.html

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

582f83b00f967c6a8c2c10fd9791f7befec6c945e92cb74fe2c2c3455fea4301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-edb29b18f7fd6175ccf5c873219d9a87.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 04 Aug 2023 08:10:55 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
age: 218
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 20:05:40 GMT
server: Cloudfront
etag: W/"06d594f6d0f8015f2a57b5d4eb5fcdb7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: FxUS8Vp6j4LX1F31S4lcojUI-1Njpy3K5HcZvufSkbVbQdDnoSq0Cg==

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 97ms
55ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.forward.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 08:42:02 GMT
x-content-type-options: nosniff
age: 516704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 08:42:02 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 127ms
86ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.forward.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 08:42:02 GMT
x-content-type-options: nosniff
age: 516704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 08:42:02 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 127ms
87ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.forward.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 08:42:02 GMT
x-content-type-options: nosniff
age: 516704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 08:42:02 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 143ms
106ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.forward.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 15:40:03 GMT
x-content-type-options: nosniff
age: 578023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 15:40:03 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 115ms
92ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.forward.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 08:42:02 GMT
x-content-type-options: nosniff
age: 516704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 08:42:02 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/2363d0d2/www-widgetapi.vflset/ 203 KB
63 KB 251ms
250ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2363d0d2/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85991dfffb8a9d47e0abc058a6bdab8e390f1cda5f0f14f1439916448797e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 07:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64086
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 01:47:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 03 Aug 2024 07:38:06 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
30 KB 249ms
12ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://give.forward.com/
Origin: https://give.forward.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:46 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
vary: Accept-Encoding
x-hw: 1691136826.dop223.fr8.t,1691136826.cds220.fr8.hn,1691136826.cds258.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30957

POST
H2 200 csp-report
q.stripe.com/ Frame FF5B 0
716 B 556ms
180ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.forward.com
URL: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691136827001380
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1691136827000889
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame FF5B 0
717 B 554ms
178ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.forward.com
URL: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691136827001543
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1691136827000940
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame B8A8 930 B
1 KB 279ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 58
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 04 Aug 2023 08:13:46 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 45
x-content-type-options: nosniff
x-request-id: 201571ee-e261-4cea-86a8-e5bfb819ffdb
x-served-by: cache-fra-eddf8230057-FRA
x-timer: S1691136827.811351,VS0,VE0

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 72ms
71ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.forward.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 15:40:03 GMT
x-content-type-options: nosniff
age: 578023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 15:40:03 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 72ms
72ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.forward.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 08:42:02 GMT
x-content-type-options: nosniff
age: 516704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 08:42:02 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame F6C1 0
716 B 443ms
179ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.forward.com
URL: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691136827001713
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1691136827000945
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F88F 0
717 B 611ms
355ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.forward.com
URL: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691136827174844
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1691136827174550
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F88F 0
717 B 607ms
351ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.forward.com
URL: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691136827174757
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1691136827174474
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame F6C1 474 B
775 B 25ms
15ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 04726f30d15473bf1fbd493d5c484b5ca5c53ea89e59a5af378c8bb3dd596dd8

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-78a52aaab8ec975504862fbbc86b413e.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 04 Aug 2023 08:13:36 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
age: 10
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 474
last-modified: Thu, 03 Aug 2023 20:07:23 GMT
server: Cloudfront
etag: "938b78229e30fbb04b4fc473bfab9f02"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: QSo2lJFtYmYkGEmEygT2r18LSaenEf3fajzZAmHiZ4WjjhZSMWyFTQ==

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame F6C1 1 KB
2 KB 338ms
255ms Fetch
application/json 52.30.58.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.30.58.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-58-64.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c5bc1c63c28004e777bfd9cab6f06166438fecc456b76b543fecac7866756103

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 1409
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
expires: 0

GET
H2 200 configuration Show response
api.braintreegateway.com/merchants/477x3k4ffjzbsn6b/client_api/v1/ 1 KB
1 KB 386ms
341ms Script
application/javascript 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/477x3k4ffjzbsn6b/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2OTEyMjMyMjYsImp0aSI6ImQ0ZGIyY2EwLThhODItNGNlNC05MzU5LTA5MjQzYzdiNDExNiIsInN1YiI6IjQ3N3gzazRmZmp6YnNuNmIiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6IjQ3N3gzazRmZmp6YnNuNmIiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.L2093Cj9q8AwKDB6eUcyqSm48A57ZrXanZDc9HF5wnImEeAzp4mIrVLCGnm2q0FLEbGC3DoDQqJtchytLu506A&callback=callback_json8932898a4157445abddcbfbbe7322afe

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

Resource Hash

3602289fd30164b55ef2228faa3c825b9bb0ac504e5ae8072e2115f2e4553065

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
paypal-debug-id: bcefac955bfc4
x-xss-protection: 1; mode=block
x-request-id: f2322160-3d6f-4bf8-b3f8-5b66d8df5446
x-runtime: 0.214828
referrer-policy: strict-origin-when-cross-origin
etag: W/"f561ab7c2e2a5d75b93083dedbd593d3"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-broxyid: f2322160-3d6f-4bf8-b3f8-5b66d8df5446

GET
H2 200 configuration Show response
api.braintreegateway.com/merchants/477x3k4ffjzbsn6b/client_api/v1/ 1 KB
1 KB 407ms
368ms Script
application/javascript 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/477x3k4ffjzbsn6b/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2OTEyMjMyMjYsImp0aSI6ImY3YzAwNjJjLTg3YmQtNDI3Ni1iZTQ3LTY4NjljNjcyNjI4ZiIsInN1YiI6IjQ3N3gzazRmZmp6YnNuNmIiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6IjQ3N3gzazRmZmp6YnNuNmIiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.F4VKA0XD0pdf-O3bk2ZMDfBeReWizhj3aAjd5zp9baJf56u4H2AWtyyl5Ds6iGYL93B3oC-hLcLtVfveAlegJg&callback=callback_jsonb1e9800ab6f9452ead4cbe41d8ba3981

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

Resource Hash

859cdef03da8cc3cdaff33d52243fa1e6fbcee0e656c0e38f14f20e5417c85d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
paypal-debug-id: b34887dbee5a4
x-xss-protection: 1; mode=block
x-request-id: 37d771f2-7c96-4224-a706-aae19671ac60
x-runtime: 0.242489
referrer-policy: strict-origin-when-cross-origin
etag: W/"8755e6a3caa15776f18cb9a0359c2d25"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-broxyid: 37d771f2-7c96-4224-a706-aae19671ac60

POST
H2 200 csp-report
q.stripe.com/ Frame B8A8 0
491 B 333ms
332ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.forward.com
URL: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691136827174812
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1691136827174600
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame B8A8 87 KB
15 KB 16ms
16ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 04 Aug 2023 08:13:46 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 205
x-cache: HIT
content-length: 15509
x-request-id: 74bfdc66-1b20-49b7-819e-48bef8ea6a8c
x-served-by: cache-fra-eddf8230057-FRA
server: Fastly
x-timer: S1691136827.937678,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 138

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 348ms
340ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827176817
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827176262
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 340ms
333ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827176436
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827176192
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 345ms
339ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827176651
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827176318
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 339ms
333ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827176504
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827176363
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 329ms
326ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827175798
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827175613
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 342ms
340ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827177105
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827176451
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 336ms
334ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827175890
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827175702
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 342ms
339ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827176249
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1691136827175649
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 340ms
338ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827176720
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827176541
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 334ms
333ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827176680
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1691136827176500
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 340ms
339ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827176912
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1691136827176597
access-control-allow-credentials: true
content-length: 0

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
give.forward.com/sso/ssobuild/js/ 22 KB
7 KB 49ms
48ms XHR
application/javascript 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.forward.com/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-4eaa56b695146a72----1691136826957
traceparent: 00-38f7a6476afefb6d3380e6c88e65c800-4eaa56b695146a72-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0ZWFhNTZiNjk1MTQ2YTcyIiwidHIiOiIzOGY3YTY0NzZhZmVmYjZkMzM4MGU2Yzg4ZTY1YzgwMCIsInRpIjoxNjkxMTM2ODI2OTU3fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757
X-Requested-With: XMLHttpRequest

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Jul 2023 01:16:52 GMT
cf-bgj: minify
server: cloudflare
age: 651590
etag: W/"64b0a204-893d"
cf-polished: origSize=35133
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7f1557d08c1d0482-FRA
expires: Fri, 26 Jul 2024 19:13:56 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame B8A8 156 B
669 B 557ms
177ms XHR
application/json 52.34.104.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.34.104.217 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-104-217.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f97b0f19c0bcb9f748b8b7a2547bd2d09dda5b699ace988b4f65410ac93b8076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691136827516803
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1691136827516544
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 csp-report
q.stripe.com/ Frame 165E 0
716 B 216ms
215ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.forward.com
URL: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691136827177010
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1691136827176693
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 165E 0
717 B 214ms
214ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.forward.com
URL: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691136827176976
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1691136827176702
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 status Show response
give.forward.com/sso/ 88 B
1 KB 148ms
147ms XHR
application/javascript 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.forward.com/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery3610893460089140049_1691136826953&_=1691136826954

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e440913d77176f8faa8a6225d29d61e762c7400a50318f749e89f82673822466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-4958e7203398b0d3----1691136827063
traceparent: 00-60ebbaa19d0f2bd70c192e6d63b77900-4958e7203398b0d3-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0OTU4ZTcyMDMzOThiMGQzIiwidHIiOiI2MGViYmFhMTlkMGYyYmQ3MGMxOTJlNmQ2M2I3NzkwMCIsInRpIjoxNjkxMTM2ODI3MDYzfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757
X-Requested-With: XMLHttpRequest

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
p3p: CP="Classy does not have a P3P policy."
content-type: application/javascript; charset=utf-8
cache-control: no-cache, private
cf-ray: 7f1557d12cd70482-FRA
x-xss-protection: 1; mode=block

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 094A 18 KB
8 KB 79ms
78ms Document
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afd6cf841c91eb803380b9a8a95ac20bdb5763253e603a1ba485a7d84db48cc9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q2k3MRF5TnQZoTHa1-ew7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-q2k3MRF5TnQZoTHa1-ew7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 04 Aug 2023 08:13:47 GMT
expires: Fri, 04 Aug 2023 08:13:47 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 203ms
202ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827176856
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827176682
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.sEIon6FI9OE.es5.O/am=AMDY/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=... Frame 094A 157 KB
56 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.sEIon6FI9OE.es5.O/am=AMDY/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgxtEfoOlgPg2qr0LiUBAoVGSDb3g/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24bb9c6b7164cac7535386f83972e07d662040b97f72d4ee3ae2655fa984cfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 16:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56579
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 02:29:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 16:10:12 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 094A 2 KB
2 KB 119ms
118ms Other
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: give.forward.com
URL: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 183ms
182ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827345183
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827344730
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 180ms
180ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827348505
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827348003
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 180ms
180ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827353269
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827353023
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 179ms
179ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827355171
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827354847
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.sEIon6FI9OE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.kXM... Frame 094A 72 KB
26 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.sEIon6FI9OE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.kXML1VnZhjY.L.B1.O/am=AMDY/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrijWlzsZZSEDDD5LV85KA9OjAH_RQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.sEIon6FI9OE.es5.O/am=AMDY/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgxtEfoOlgPg2qr0LiUBAoVGSDb3g/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a89cd002c54b9ede9a0a2681f80ccbc765d04abc06b86007dcf5caa64a680327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 16:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26790
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 00:54:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 16:10:12 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 094A 1 MB
372 KB 83ms
82ms XHR
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2b12dc92a9342310b6ea04e8835c0c76e363c42c7eccb2bc87d749a08021b83

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kMxabFfcC495c9sHosQVWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kMxabFfcC495c9sHosQVWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 04 Aug 2023 08:13:47 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.sEIon6FI9OE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.kXM... Frame 094A 10 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.sEIon6FI9OE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.kXML1VnZhjY.L.B1.O/am=AMDY/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrijWlzsZZSEDDD5LV85KA9OjAH_RQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7943a0e461e3e5cc6e1fe5fc0ebf65c305f6108dc3109864f48ce0f1f9a9b472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 16:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3957
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 00:54:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 16:10:12 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.sEIon6FI9OE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.kXM... Frame 094A 36 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.sEIon6FI9OE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.kXML1VnZhjY.L.B1.O/am=AMDY/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrijWlzsZZSEDDD5LV85KA9OjAH_RQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

071320cfa3ffe1320a2010c1d47021e9439298168837821634cf790563a2becd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 16:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13825
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 00:54:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 16:10:12 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 46ms
15ms Preflight
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 04 Aug 2023 08:13:47 GMT
expires: Fri, 04 Aug 2023 08:13:47 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 094A 131 B
155 B 90ms
33ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 04 Aug 2023 08:13:47 GMT

POST
H3 200 log Show response
play.google.com/ Frame 094A 131 B
155 B 83ms
28ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 04 Aug 2023 08:13:47 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 45ms
15ms Preflight
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 04 Aug 2023 08:13:47 GMT
expires: Fri, 04 Aug 2023 08:13:47 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 45ms
17ms Preflight
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 04 Aug 2023 08:13:47 GMT
expires: Fri, 04 Aug 2023 08:13:47 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 094A 131 B
155 B 85ms
28ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 04 Aug 2023 08:13:47 GMT

POST
H3 200 log Show response
play.google.com/ Frame 094A 131 B
155 B 93ms
31ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 04 Aug 2023 08:13:47 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 39ms
17ms Preflight
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 04 Aug 2023 08:13:47 GMT
expires: Fri, 04 Aug 2023 08:13:47 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 094A 131 B
155 B 92ms
31ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 04 Aug 2023 08:13:47 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 32ms
17ms Preflight
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 04 Aug 2023 08:13:47 GMT
expires: Fri, 04 Aug 2023 08:13:47 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 28ms
15ms Preflight
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 04 Aug 2023 08:13:47 GMT
expires: Fri, 04 Aug 2023 08:13:47 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 094A 131 B
155 B 95ms
32ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 04 Aug 2023 08:13:47 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 181ms
180ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827453324
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827452908
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 181ms
181ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827453789
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827453469
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 189ms
183ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827475732
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827475085
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 188ms
182ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827475433
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1691136827475136
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 180ms
180ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827486368
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1691136827485828
access-control-allow-credentials: true
content-length: 0

GET
H2 200 GooglePay-logo.svg
give.forward.com/static/global/images/digitalWallets/ 3 KB
1 KB 49ms
47ms Image
image/svg+xml 2606:4700::6810:135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.forward.com/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/give/224077/?utm_source=Iterable&utm_medium=email&utm_campaign=sundayedition_7371757
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 19:41:06 GMT
server: cloudflare
age: 187859
etag: W/"64c02552-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f1557d35f700482-FRA
expires: Thu, 01 Aug 2024 04:02:48 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame F6C1 0
273 B 183ms
183ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7c6365811cde2ae6649218e805d070a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
x-stripe-server-envoy-start-time-us: 1691136827700819
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1691136827700239
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame B8A8 156 B
667 B 180ms
180ms XHR
application/json 52.34.104.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.34.104.217 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-104-217.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f97b0f19c0bcb9f748b8b7a2547bd2d09dda5b699ace988b4f65410ac93b8076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691136827722109
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1691136827721814
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame B8A8 156 B
668 B 225ms
224ms XHR
application/json 52.34.104.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.34.104.217 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-104-217.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f97b0f19c0bcb9f748b8b7a2547bd2d09dda5b699ace988b4f65410ac93b8076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 04 Aug 2023 08:13:47 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691136827769547
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1691136827768883
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ 295 B
662 B 9ms
9ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.forward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 04 Aug 2023 08:07:17 GMT
x-content-type-options: nosniff
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
age: 394
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 295
last-modified: Fri, 07 Jul 2023 21:51:16 GMT
server: Cloudfront
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: EW_2xowkCY2rKF3v2d5nONUPmiy5V9bVI9VXW4D5sK37x8xeK3yZ3g==

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.forwardcdn.com/	1970-01-20 13:47:03	Name: iterableEmailCampaignId Value: 7371757
.forwardcdn.com/	1970-01-20 13:47:03	Name: iterableTemplateId Value: 9823488
.forwardcdn.com/	1970-01-20 13:47:03	Name: iterableMessageId Value: 73bb81f749384f01a6b5084c5183cc5f
.forwardcdn.com/	1970-01-20 22:31:12	Name: iterableEndUserId Value: mpapernik%40comcast.net
links.forwardcdn.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 763f4fdc50ebc624428ed0bb2b71cd92c50da7d2-1691136823437-e7e2163d19c8e9fed72fef5b
give.forward.com/	1970-01-20 23:21:36	Name: connect.sid Value: s%3Ai75TPbSK5kEbj9CY9x7l-4A0n4N4EIkD.JBhSXAXvNS1NodqDg4s36H82AufJjRoe1h6oAACX3TM
.give.forward.com/	1970-01-20 13:45:38	Name: __cf_bm Value: qCyrEgICvCA9K7iHPsOGN6x2pESe67TH_hFHhvB7ei0-1691136824-0-AWWMem3Sv63xLmYfRZuhFgdVfLzRX8Ag9zMWOafmXSonJ5pQBzC//iHxDLMRDKTT06mLw/f1KlG4UjFwMlbjsHk=
.give.forward.com/	1969-12-31 23:59:59	Name: __cfruid Value: 89510e216232314bd800f84329689a7bd5a937b1-1691136824
.classy.org/	1970-01-20 13:45:38	Name: __cf_bm Value: DFz4vxHJcG28Mdvx0JfJqsWQgKnXFpiixmso2mrCCME-1691136824-0-AdA7lA6H2oiIRUOe6WfhFc+3ynWrMikeLGhMeqHnYCrpx0Cl+1Jiks+9XV/mpsiAnHp8r2sgawmAnweTLQwclpM=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: G1hEE2LMi6E
.youtube.com/	1970-01-20 18:04:48	Name: VISITOR_INFO1_LIVE Value: F7q4yxhNYqs
give.forward.com/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: YIjIAlq2-Iyf8K9R9Sut9JvqpBAftH9eg8-I
.google.com/	1970-01-20 18:09:08	Name: NID Value: 511=VuoZCE64Jgpp7DX_88WR0N_fMdki_TVsI61wkGZVhkwzd3327ERAaz8Pt3GMeqelHys1DY_oB3w-o3yWjiMatpvPeug6VtJG_iypP-rcYdRAYKESfnH8A_NC7xcBNDLDZq3Mh65-l3ZFSTKW4NSo9PFqPqgAGwZH72cc_q38z6I
give.forward.com/	1970-01-20 13:45:37	Name: XSRF-TOKEN Value: eyJpdiI6Ilp3eTh4OG85RFwvcHNzSTVZdWdkTmRnPT0iLCJ2YWx1ZSI6IjM2NmU0ZzBPbk5ON0srY3dCTWlkQmw4bGx0WW5vR1wvNGttZkNEXC9sZ29cL0R4Tmt5U0NPKzRRUm1lXC8zNWVuZ2Via1F4XC9uWjZzVUl4Wjg1N2tIcTNZNGZ3RTVXUWtkZU5KeE9nbzNnWDlYYVhKRFlpY3pSNHJDeFk2VHZZWFwvb25zIiwibWFjIjoiZDM1ZDdkMmJlNjkzNGNhOWY3NTgwYmJiNmQ5NmNjMzA2ZDE3MWZmYTQ5MmI4ZjMxNmM0NzBjZmQ3MjRjOGM5MyJ9
give.forward.com/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6IitCVDY2bWdlMnYrYTZtZzJzRTFNZ3c9PSIsInZhbHVlIjoiVUpRUkxVdzFjXC9LUFdvTFB4SzBcL1JGMnNJRkl6YzF0RklpN3FUTWhqT0xRRTEwSWVZOFdGdVJWUGZPSzhjemJXU0dEWDEzenRZOElDcklZY0VoQTk3cVlYUlF5aEJpVG1xZHlqUXhpWFJpVFpKRGpoazlTZ2JQUXA4WjNydEZ1XC8iLCJtYWMiOiI4MjMwZWJiMGMzYTc5MGZjMWNmZDBjMzUyNGI4Nzc2N2NlNGMxYmU3MzhkMDZkMzM1YWY2MTdkMWM3ZGU5NWJiIn0%3D
m.stripe.com/	1970-01-20 23:21:36	Name: m Value: 09a02f3b-af5d-4e9f-9d92-f0e40cb99d276443df
.give.forward.com/	1970-01-20 22:31:12	Name: __stripe_mid Value: 066a03fe-78ff-4db8-849b-ad2698660c8e032b2e
.give.forward.com/	1970-01-20 13:45:38	Name: __stripe_sid Value: 07020f61-e1c3-4cac-b6f3-3f6bb3172b686fe223

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.braintreegateway.com
assets.classy.org
cdn.plaid.com
cdn.transcend.io
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
give.forward.com
htp.tokenex.com
js.braintreegateway.com
js.stripe.com
links.forwardcdn.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
pay.classy.org
pay.google.com
play.google.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
static.cloudflareinsights.com
unpkg.com
www.gstatic.com
www.youtube.com
13.248.139.42
151.101.128.176
151.101.130.133
2001:4de0:ac18::1:a:3b
2600:9000:2250:1e00:2:8531:afc0:93a1
2600:9000:2490:9200:1a:610:66c0:93a1
2606:4700::6810:135
2606:4700::6810:3965
2606:4700::6810:7aaf
2606:4700::6812:bb0e
2a00:1450:4001:803::200e
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c0c::5c
52.143.247.24
52.222.214.33
52.30.58.64
52.34.104.217
54.186.23.98
99.86.4.76
04726f30d15473bf1fbd493d5c484b5ca5c53ea89e59a5af378c8bb3dd596dd8
071320cfa3ffe1320a2010c1d47021e9439298168837821634cf790563a2becd
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
12cba53acdbbb5396c1f085ea09168868b5e722e2e3d23fde06bedf94ca96b70
18d557004bb5af9ede88e212f8736a1bffa19f319d92dfc1b585d39a60a9a0e8
24bb9c6b7164cac7535386f83972e07d662040b97f72d4ee3ae2655fa984cfb3
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2f57fab97c15bf3519176fcd494f12d36d24ca3d761a787a1e66a1058bc6b30f
31a9734bf96f4a261ad9ae679cad02b454e47dafeabb49736569b9dddd7187f5
3602289fd30164b55ef2228faa3c825b9bb0ac504e5ae8072e2115f2e4553065
3a43c23c66c7686d5dea82aeee1b825d82c815e72f80e4b4ecc813019449395a
3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11
3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b
4b30da9caad65ee78eaa78e84571694935dbdcc393b1d7302eeb8c1ac9b2735a
4c7c06c2f53f9655d4e600abbfb48284d0c10e3e90b6a6ca4bfdafe1c0d5c914
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
53269878d5aafc41b44e729d4c787220da4cf746689526d56605f75ec697b167
574727e349f11f0be5f5edc57afe25019a8c2fc6d4d5a539eabd1e34d539ff10
582f83b00f967c6a8c2c10fd9791f7befec6c945e92cb74fe2c2c3455fea4301
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031
686a368693fc931f956b751518ee0e941c6917a48fb1bc5478bf641beb5f3739
6a4e868fc237b96dd75784aa3f06da5671c505b5a94795472e7a51fa18660de1
6c9801eae4ff7c5a1caaad395fdaff7c5d870d768a2d7e10aa3dd02e8afbe687
7484012b8efad28d8e37589ffbaa60c02981c7c36124501cb2c62251aa334b4e
7844c09e72fbc0439682ef4b71ae2feee2f803791423b5415c3109e66d5439e4
7943a0e461e3e5cc6e1fe5fc0ebf65c305f6108dc3109864f48ce0f1f9a9b472
7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493
7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849
82b3d2b84d475ae4f8b51ca8791e4ef942eea2b1dc4abaaebaf9cde57205999d
855bdad87a3e18046468043a285b9d8be2823316988ec0e084d0d28a6006a484
859cdef03da8cc3cdaff33d52243fa1e6fbcee0e656c0e38f14f20e5417c85d9
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
8da694f27e42141917a6f3061d91c3074497bdaf1273e107b892386e8b8419ff
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
98cd8019ec1c531fec04381b5ac4914bf66dc8a7e5ac0e1fd52654118946161d
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
a39c7130747e5795889aa3ee603173b357eb0deade0252622413c78ddbe00350
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a43da7cb17a78b2fa926f5fd74bf098301844fd2d32fe4c481c03392dcf3fb0b
a85991dfffb8a9d47e0abc058a6bdab8e390f1cda5f0f14f1439916448797e4f
a89cd002c54b9ede9a0a2681f80ccbc765d04abc06b86007dcf5caa64a680327
a9149cc992e285a9f99d6f0d6ecaf1d6dca1221706906242180e5867bb6728c7
aa8805eb85efe71ac8af603eaeeeb860831fc4ba4809dd8d78384c803140d27a
afd6cf841c91eb803380b9a8a95ac20bdb5763253e603a1ba485a7d84db48cc9
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
b695c5e14b66e115c87eb8f5cc45a583377d49a57ec35818d70bb15d6243af08
befe3b0e19e77a1734113d7c925766ae97ac1aa7ab47c4021c4a3cd70f388a76
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4
c5bc1c63c28004e777bfd9cab6f06166438fecc456b76b543fecac7866756103
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
c80067cfa1054c281cbe765415f506d945ba144ee7dc9c8b1d1a4d464b0cc929
c90b93aefe3e302d14ecadafe3f8aa45b5f90db60d0d763d05650d205f518200
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d2b12dc92a9342310b6ea04e8835c0c76e363c42c7eccb2bc87d749a08021b83
d5bd8651b4dc62caae9fe18a12109eb26eec54b2311bd0339e9c5a53f31b275b
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
dd4c9562ac28e2ff1a8f3ccd6361cbbd2a1c4e58d3969a03c70f774050f95a49
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e440913d77176f8faa8a6225d29d61e762c7400a50318f749e89f82673822466
e5429753009ae95f396738f679b8a1bec34ff205cfe4344f132f97b6c4e4a4cc
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef41c30318981cdcb96dbc64272f44ae155ee910245ab04eadbeca7c582758fc
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f6989220ff0e2a705c49890ad50af7750ab3364a06cdc65c72193cc5068d01c7
f97b0f19c0bcb9f748b8b7a2547bd2d09dda5b699ace988b4f65410ac93b8076
fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997
fd731e44490e31a9862bff17ef8378866814d1fd31eb81d6d946bd7f2f868cb5
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

give.forward.com Open in urlscan Pro 2606:4700::6810:135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

100 %HTTPS

59 %IPv6

16 Domains

25 Subdomains

21 IPs

5 Countries

2993 kBTransfer

10515 kBSize

18 Cookies

10 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

give.forward.com Open in urlscan Pro
2606:4700::6810:135 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

100 %
HTTPS

59 %
IPv6

16
Domains

25
Subdomains

21
IPs

5
Countries

2993 kB
Transfer

10515 kB
Size

18
Cookies

126 HTTP transactions
0 data transactions