Submitted URL: https://digitalprofilebuzz.com/campaigns/mz37353doz194/track-url/de982yv0owdde/fd157d523f69a94271ff65a3d48e945aade049fe
Effective URL: https://supporters.eff.org/donate/greetings--NDE
Submission: On November 28 via manual from IN — Scanned from CA

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 100 HTTP transactions. The main IP is 173.239.79.196, located in El Cerrito, United States and belongs to UNWIRED, US. The main domain is supporters.eff.org.
TLS certificate: Issued by R3 on November 1st 2022. Valid for: 3 months.
This is the only time supporters.eff.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
46 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2411
q.stripe.com — Cisco Umbrella Rank: 20778
r.stripe.com — Cisco Umbrella Rank: 7151
m.stripe.com
490 KB
33 eff.org
eff.org — Cisco Umbrella Rank: 38583
www.eff.org — Cisco Umbrella Rank: 39464
supporters.eff.org
anon-stats.eff.org — Cisco Umbrella Rank: 841710
4 MB
17 google.com
pay.google.com — Cisco Umbrella Rank: 3292
play.google.com — Cisco Umbrella Rank: 63
398 KB
4 gstatic.com
www.gstatic.com
103 KB
2 stripe.network
m.stripe.network
17 KB
1 digitalprofilebuzz.com
digitalprofilebuzz.com
481 B
100 6
Domain Requested by
29 supporters.eff.org supporters.eff.org
20 r.stripe.com js.stripe.com
17 js.stripe.com supporters.eff.org
js.stripe.com
13 play.google.com www.gstatic.com
8 q.stripe.com supporters.eff.org
4 www.gstatic.com pay.google.com
www.gstatic.com
4 pay.google.com js.stripe.com
pay.google.com
supporters.eff.org
www.gstatic.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 anon-stats.eff.org supporters.eff.org
anon-stats.eff.org
1 m.stripe.com m.stripe.network
1 www.eff.org 1 redirects
1 eff.org 1 redirects
1 digitalprofilebuzz.com 1 redirects
100 13

This site contains links to these domains. Also see Links.

Domain
www.eff.org
about.usps.com
Subject Issuer Validity Valid
supporters.eff.org
R3
2022-11-01 -
2023-01-30
3 months crt.sh
anon-stats.eff.org
R3
2022-11-01 -
2023-01-30
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2022-10-19 -
2023-01-11
3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-11-12 -
2023-03-09
4 months crt.sh
*.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-15 -
2023-01-26
4 months crt.sh

This page contains 7 frames:

Primary Page: https://supporters.eff.org/donate/greetings--NDE
Frame ID: 9C30768A74BE808EEBE3030824E641A0
Requests: 32 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
Frame ID: D324171C88F60FC669AA70FC054ABE70
Requests: 25 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
Frame ID: F55AD1CD4A3D1042D041553AABDCE317
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html
Frame ID: 35DCD5C1328B447FA507A8F888D1318B
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: F6F5043EC645CBF495EA37C397A740CB
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: CEB21DDFA7BD97379BA8AB168BA302D7
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 8BEA4587BFEACF8587AA7C044898AC35
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Defend Privacy and Free Speech | Electronic Frontier Foundation

Page URL History Show full URLs

  1. https://digitalprofilebuzz.com/campaigns/mz37353doz194/track-url/de982yv0owdde/fd157d523f69a94271ff65a3d48e... HTTP 301
    https://eff.org/r.yw9r HTTP 301
    https://www.eff.org/r.yw9r HTTP 301
    https://supporters.eff.org/donate/greetings--NDE Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

100
Requests

100 %
HTTPS

44 %
IPv6

6
Domains

13
Subdomains

7
IPs

2
Countries

4642 kB
Transfer

7966 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://digitalprofilebuzz.com/campaigns/mz37353doz194/track-url/de982yv0owdde/fd157d523f69a94271ff65a3d48e945aade049fe HTTP 301
    https://eff.org/r.yw9r HTTP 301
    https://www.eff.org/r.yw9r HTTP 301
    https://supporters.eff.org/donate/greetings--NDE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

100 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request greetings--NDE
supporters.eff.org/donate/
Redirect Chain
  • https://digitalprofilebuzz.com/campaigns/mz37353doz194/track-url/de982yv0owdde/fd157d523f69a94271ff65a3d48e945aade049fe
  • https://eff.org/r.yw9r
  • https://www.eff.org/r.yw9r
  • https://supporters.eff.org/donate/greetings--NDE
109 KB
18 KB
Document
General
Full URL
https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
2d768feb85332c343d55f535e65b75de0742ff1c242387f3a307cbb9f8a48fe5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 28 Nov 2022 12:23:21 GMT
Etag
W/"2d768feb85332c343d55f535e65b75de"
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
b4e2e124-6efd-43a8-88a1-a08977e824df
X-Runtime
0.023454
X-Xss-Protection
1; mode=block

Redirect headers

accept-ranges
bytes
age
934
cache-control
public, max-age=1800
content-encoding
gzip
content-length
21
content-type
text/html; charset=UTF-8
date
Mon, 28 Nov 2022 12:23:21 GMT
etag
"1669637267-1"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Mon, 28 Nov 2022 12:07:47 GMT
location
https://supporters.eff.org/donate/greetings--NDE
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Cookie,Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
2, 0
x-content-type-options
nosniff
x-download-options
noopen
x-drupal-cache
MISS
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-redirect-id
15191
x-served-by
cache-sjc10081-SJC, cache-yyz4557-YYZ
x-timer
S1669638201.335613,VS0,VE64
x-xss-protection
1; mode=block
donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
supporters.eff.org/donate/assets/
45 KB
10 KB
Stylesheet
General
Full URL
https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Last-Modified
Wed, 23 Nov 2022 21:58:18 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Content-Length
9295
X-XSS-Protection
1; mode=block
donate-2e3c657e8c73e8dd3651917af0fde1230abff8b9efa0730fc43d565444ed33e3.js
supporters.eff.org/donate/assets/
384 KB
120 KB
Script
General
Full URL
https://supporters.eff.org/donate/assets/donate-2e3c657e8c73e8dd3651917af0fde1230abff8b9efa0730fc43d565444ed33e3.js
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
2e3c657e8c73e8dd3651917af0fde1230abff8b9efa0730fc43d565444ed33e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Last-Modified
Wed, 23 Nov 2022 21:58:31 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Content-Length
122217
X-XSS-Protection
1; mode=block
logo-donate-5a07d5031f8aa1931c71229dc9b77ecf545708eea04d1fbedbfad16fefb7bd91.png
supporters.eff.org/donate/assets/
1 KB
2 KB
Image
General
Full URL
https://supporters.eff.org/donate/assets/logo-donate-5a07d5031f8aa1931c71229dc9b77ecf545708eea04d1fbedbfad16fefb7bd91.png
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
5a07d5031f8aa1931c71229dc9b77ecf545708eea04d1fbedbfad16fefb7bd91
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 May 2020 18:43:38 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Content-Length
1146
X-XSS-Protection
1; mode=block
summer-greetings-2-banner.jpg
supporters.eff.org/donate/images/donate_page/555/
535 KB
535 KB
Image
General
Full URL
https://supporters.eff.org/donate/images/donate_page/555/summer-greetings-2-banner.jpg
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
38988407620a6f74a9d5a4dc0579b3fe8db0c689323cbbc38d93bbd6a2dc52b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Tue, 28 Jun 2022 17:44:18 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Content-Length
547873
X-XSS-Protection
1; mode=block
expenses-fy2021-combined-821ce74dbb2d82fad30fe6da94959e9bc66ccafb678d0abb487bb5e8cd5aeb69.png
supporters.eff.org/donate/assets/expenses/
63 KB
63 KB
Image
General
Full URL
https://supporters.eff.org/donate/assets/expenses/expenses-fy2021-combined-821ce74dbb2d82fad30fe6da94959e9bc66ccafb678d0abb487bb5e8cd5aeb69.png
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
821ce74dbb2d82fad30fe6da94959e9bc66ccafb678d0abb487bb5e8cd5aeb69
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Nov 2022 22:19:01 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Content-Length
64499
X-XSS-Protection
1; mode=block
expenses-fy2021-text-3aae4f194de291abb2e318f51e5c75130aef462caa0d904fa79307ed9f5abd69.png
supporters.eff.org/donate/assets/expenses/
20 KB
20 KB
Image
General
Full URL
https://supporters.eff.org/donate/assets/expenses/expenses-fy2021-text-3aae4f194de291abb2e318f51e5c75130aef462caa0d904fa79307ed9f5abd69.png
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
3aae4f194de291abb2e318f51e5c75130aef462caa0d904fa79307ed9f5abd69
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Nov 2022 22:19:01 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Content-Length
20066
X-XSS-Protection
1; mode=block
expenses-fy2021-graph-c59d453a50fe4f1a006f98284c8a6f41172b3f679bbdffa13b24585c95f5d27c.png
supporters.eff.org/donate/assets/expenses/
60 KB
61 KB
Image
General
Full URL
https://supporters.eff.org/donate/assets/expenses/expenses-fy2021-graph-c59d453a50fe4f1a006f98284c8a6f41172b3f679bbdffa13b24585c95f5d27c.png
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
c59d453a50fe4f1a006f98284c8a6f41172b3f679bbdffa13b24585c95f5d27c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Nov 2022 22:19:01 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Content-Length
61817
X-XSS-Protection
1; mode=block
Multisticker_Sheet_Cream.png
supporters.eff.org/donate/images/premium/34/
96 KB
96 KB
Image
General
Full URL
https://supporters.eff.org/donate/images/premium/34/Multisticker_Sheet_Cream.png
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
6f44096f5accf771bbe7ea77ead7ae352f8fa801ce7e26735174687df7118c7a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Jun 2022 23:03:02 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Content-Length
97866
X-XSS-Protection
1; mode=block
Fuzzy_Monogram_T-Shirts.jpg
supporters.eff.org/donate/images/premium/35/
704 KB
705 KB
Image
General
Full URL
https://supporters.eff.org/donate/images/premium/35/Fuzzy_Monogram_T-Shirts.jpg
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
774807e7b83672f0cc75740aa6dc8ee6338335345ec188eb2dcc190935c68299
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 15 Jul 2022 00:05:45 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Content-Length
721317
X-XSS-Protection
1; mode=block
2022-membership-fuzzshirt_callout.png
supporters.eff.org/donate/images/premium/35/
158 KB
159 KB
Image
General
Full URL
https://supporters.eff.org/donate/images/premium/35/2022-membership-fuzzshirt_callout.png
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
3ec4e5df4a1f7a6cf6eed10505edb3ec832f6dc5b4557efc2737b7097f07c075
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Jul 2022 18:32:20 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Content-Length
162090
X-XSS-Protection
1; mode=block
Stay_Golden_FB.jpg
supporters.eff.org/donate/images/premium/30/
272 KB
0
Image
General
Full URL
https://supporters.eff.org/donate/images/premium/30/Stay_Golden_FB.jpg
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 19 Jul 2021 23:18:29 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Content-Length
575658
X-XSS-Protection
1; mode=block
2021-member-shirt.png
supporters.eff.org/donate/images/premium/30/
18 KB
18 KB
Image
General
Full URL
https://supporters.eff.org/donate/images/premium/30/2021-member-shirt.png
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
b38a2fa7279be4a31672a509b7451410b3ec119443ee86cbcf54ec0adb06fec0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 19 Jul 2021 23:18:29 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Content-Length
18198
X-XSS-Protection
1; mode=block
2022-membership-fuzzyshirt_pins.png
supporters.eff.org/donate/images/premium/36/
207 KB
207 KB
Image
General
Full URL
https://supporters.eff.org/donate/images/premium/36/2022-membership-fuzzyshirt_pins.png
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
b32262390361b66dcc5bd0161470f38595c5294d32063bccdf1baa08d94e045e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Jul 2022 18:34:09 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Content-Length
211641
X-XSS-Protection
1; mode=block
2022-Donor-Combo_Cream.jpg
supporters.eff.org/donate/images/premium/29/
310 KB
310 KB
Image
General
Full URL
https://supporters.eff.org/donate/images/premium/29/2022-Donor-Combo_Cream.jpg
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
69f24f20f8c8f2aca6d54c0fec57f6d843e3f925b4dc73f33d5b4e5ffa0a65ad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 08 Jun 2022 15:26:47 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Content-Length
317422
X-XSS-Protection
1; mode=block
Hoodie_Front_and_Back_White_1200.jpg
supporters.eff.org/donate/images/premium/22/
675 KB
676 KB
Image
General
Full URL
https://supporters.eff.org/donate/images/premium/22/Hoodie_Front_and_Back_White_1200.jpg
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
4a97559805aed5316d4e2c8120562b58e6c06342ce2c3a98d50e3a2168356fb3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Jul 2020 20:04:17 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Content-Length
691547
X-XSS-Protection
1; mode=block
Back_Square_White_300.jpg
supporters.eff.org/donate/images/premium/22/
77 KB
78 KB
Image
General
Full URL
https://supporters.eff.org/donate/images/premium/22/Back_Square_White_300.jpg
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
20fa743d3b4279272a83134dd387ff44142ad81033e8520396ffeb13b06c5543
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Jul 2020 18:00:04 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Content-Length
79151
X-XSS-Protection
1; mode=block
2022-GuardianMembership-Card-Shirt.jpg
supporters.eff.org/donate/images/premium/38/
66 KB
66 KB
Image
General
Full URL
https://supporters.eff.org/donate/images/premium/38/2022-GuardianMembership-Card-Shirt.jpg
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
c6bec14fdc88b32d33b434bf5a27e7b9ff27f9aa6e9f80df9502c51416bc5d35
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Aug 2022 19:19:54 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Content-Length
67230
X-XSS-Protection
1; mode=block
2022-GuardianMembershipBundle.jpg
supporters.eff.org/donate/images/premium/37/
209 KB
209 KB
Image
General
Full URL
https://supporters.eff.org/donate/images/premium/37/2022-GuardianMembershipBundle.jpg
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
e830f611f3b93a2a53b343dcb2beba237ace11b168b83e5a0292ad088b91800d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/greetings--NDE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Aug 2022 19:20:53 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Content-Length
213798
X-XSS-Protection
1; mode=block
matomo.js
anon-stats.eff.org/
61 KB
61 KB
Script
General
Full URL
https://anon-stats.eff.org/matomo.js
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
382843b96a3a0f2c2b38c583563caad12733ae44b4b5f1b97abe948fc461596f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self'; img-src 'self' data:; font-src 'self'; connect-src 'self'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self'; img-src 'self' data:; font-src 'self'; connect-src 'self'
Last-Modified
Fri, 15 Jan 2021 01:54:43 GMT
Server
nginx
ETag
"6000f5e3-f21c"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61980
X-XSS-Protection
1; mode=block
summer-site-donate-bg-a1887c55de0764af17dbed340d52ca2edc2f04ab5f4d9f4429c2e834859c3f2c.jpg
supporters.eff.org/donate/assets/
45 KB
46 KB
Image
General
Full URL
https://supporters.eff.org/donate/assets/summer-site-donate-bg-a1887c55de0764af17dbed340d52ca2edc2f04ab5f4d9f4429c2e834859c3f2c.jpg
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
a1887c55de0764af17dbed340d52ca2edc2f04ab5f4d9f4429c2e834859c3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Jun 2021 22:10:49 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Content-Length
46296
X-XSS-Protection
1; mode=block
Montserrat-Light-263fdab8f1737fc885f6c9335f83c2c4b6babf21029fa8b32882b4e5245841f8.woff
supporters.eff.org/donate/assets/
22 KB
23 KB
Font
General
Full URL
https://supporters.eff.org/donate/assets/Montserrat-Light-263fdab8f1737fc885f6c9335f83c2c4b6babf21029fa8b32882b4e5245841f8.woff
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
263fdab8f1737fc885f6c9335f83c2c4b6babf21029fa8b32882b4e5245841f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Origin
https://supporters.eff.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 May 2020 18:43:38 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Connection
keep-alive
Content-Length
22964
X-XSS-Protection
1; mode=block
Montserrat-SemiBold-ac6a49550c1f39861772c79f9f867e79f3f6b59c633772d1a05cc5abec7619c9.woff
supporters.eff.org/donate/assets/
31 KB
31 KB
Font
General
Full URL
https://supporters.eff.org/donate/assets/Montserrat-SemiBold-ac6a49550c1f39861772c79f9f867e79f3f6b59c633772d1a05cc5abec7619c9.woff
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
ac6a49550c1f39861772c79f9f867e79f3f6b59c633772d1a05cc5abec7619c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Origin
https://supporters.eff.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 May 2020 18:43:38 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Connection
keep-alive
Content-Length
31232
X-XSS-Protection
1; mode=block
LatoLatin-Regular-9c46f7929b08c87518aa7efbbf1601e485eeed829f149e3f01beb50120cdb3be.woff
supporters.eff.org/donate/assets/
71 KB
71 KB
Font
General
Full URL
https://supporters.eff.org/donate/assets/LatoLatin-Regular-9c46f7929b08c87518aa7efbbf1601e485eeed829f149e3f01beb50120cdb3be.woff
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
9c46f7929b08c87518aa7efbbf1601e485eeed829f149e3f01beb50120cdb3be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Origin
https://supporters.eff.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 May 2020 18:43:38 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Connection
keep-alive
Content-Length
72456
X-XSS-Protection
1; mode=block
Montserrat-Black-bd955e2e08638c8692c22985f6f04b298dbdf224f83f0759fa2532f3a6694dc7.woff
supporters.eff.org/donate/assets/
20 KB
21 KB
Font
General
Full URL
https://supporters.eff.org/donate/assets/Montserrat-Black-bd955e2e08638c8692c22985f6f04b298dbdf224f83f0759fa2532f3a6694dc7.woff
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
bd955e2e08638c8692c22985f6f04b298dbdf224f83f0759fa2532f3a6694dc7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Origin
https://supporters.eff.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 May 2020 18:43:38 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Connection
keep-alive
Content-Length
20780
X-XSS-Protection
1; mode=block
radio-unselected-f0fc2350f7ed98541e14cc4320ecba6f2e3496498f262cabf2cbd15e2e3359ec.png
supporters.eff.org/donate/assets/
1 KB
2 KB
Image
General
Full URL
https://supporters.eff.org/donate/assets/radio-unselected-f0fc2350f7ed98541e14cc4320ecba6f2e3496498f262cabf2cbd15e2e3359ec.png
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
f0fc2350f7ed98541e14cc4320ecba6f2e3496498f262cabf2cbd15e2e3359ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 May 2020 18:43:38 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Content-Length
1411
X-XSS-Protection
1; mode=block
expand-5a066fa15672abb1dd615d09d9c11f4f5377a67e219e663f79f49d6959e216b4.png
supporters.eff.org/donate/assets/
629 B
1 KB
Image
General
Full URL
https://supporters.eff.org/donate/assets/expand-5a066fa15672abb1dd615d09d9c11f4f5377a67e219e663f79f49d6959e216b4.png
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
5a066fa15672abb1dd615d09d9c11f4f5377a67e219e663f79f49d6959e216b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 08 Oct 2020 18:18:05 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Content-Length
629
X-XSS-Protection
1; mode=block
chevron-down-7e78b06a8cd380f1f652104b9d72450f7b33b0320920aee80a9d3bcfaafad4bf.png
supporters.eff.org/donate/assets/
2 KB
2 KB
Image
General
Full URL
https://supporters.eff.org/donate/assets/chevron-down-7e78b06a8cd380f1f652104b9d72450f7b33b0320920aee80a9d3bcfaafad4bf.png
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
7e78b06a8cd380f1f652104b9d72450f7b33b0320920aee80a9d3bcfaafad4bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 May 2020 18:43:38 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Content-Length
1689
X-XSS-Protection
1; mode=block
radio-selected-1517744e453bd4e52b70768ab643bf3ed4fcea9bc32a3c5a107a15a370f9e2f4.png
supporters.eff.org/donate/assets/
2 KB
2 KB
Image
General
Full URL
https://supporters.eff.org/donate/assets/radio-selected-1517744e453bd4e52b70768ab643bf3ed4fcea9bc32a3c5a107a15a370f9e2f4.png
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
1517744e453bd4e52b70768ab643bf3ed4fcea9bc32a3c5a107a15a370f9e2f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 May 2020 18:43:38 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Content-Length
1573
X-XSS-Protection
1; mode=block
Montserrat-Regular-8a0535c1c807198ae36f548da42ac7ccfe6639fd4ecc92cd84e06a02fdb28b4e.woff
supporters.eff.org/donate/assets/
23 KB
23 KB
Font
General
Full URL
https://supporters.eff.org/donate/assets/Montserrat-Regular-8a0535c1c807198ae36f548da42ac7ccfe6639fd4ecc92cd84e06a02fdb28b4e.woff
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
nginx /
Resource Hash
8a0535c1c807198ae36f548da42ac7ccfe6639fd4ecc92cd84e06a02fdb28b4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://supporters.eff.org/donate/assets/donate-738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f.css
Origin
https://supporters.eff.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 12:23:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 May 2020 18:43:38 GMT
Server
nginx
X-Permitted-Cross-Domain-Policies
none
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Connection
keep-alive
Content-Length
23148
X-XSS-Protection
1; mode=block
/
js.stripe.com/v3/
398 KB
96 KB
Script
General
Full URL
https://js.stripe.com/v3/?_=1669638202285
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-2e3c657e8c73e8dd3651917af0fde1230abff8b9efa0730fc43d565444ed33e3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
0867efe4ab18c35f3ea7591f9eee0ebbb8631a6e65f7287104d1f8eef992d9ea
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://supporters.eff.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 12:23:22 GMT
via
1.1 varnish
age
40
x-cache
HIT
content-length
97906
x-request-id
98b311f9-9448-4f4e-9e8c-d63abafa27c4
x-served-by
cache-yul12829-YUL
last-modified
Tue, 22 Nov 2022 04:35:54 GMT
server
Fastly
etag
"0811280c436e51c657484d591864732e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
33
controller-0ab991f8c7ab188e2ac0d18e04e20111.html
js.stripe.com/v3/ Frame D324
325 B
676 B
Document
General
Full URL
https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/?_=1669638202285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
fd46e7a7282fdd649cfcccd1c3dc801bf9b1d22df08392a58c7007c4dc391a34
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://supporters.eff.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
28
cache-control
max-age=60
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 28 Nov 2022 12:23:22 GMT
etag
"0ab991f8c7ab188e2ac0d18e04e20111"
last-modified
Tue, 22 Nov 2022 03:54:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
15
x-content-type-options
nosniff
x-request-id
50d4f501-12e7-4d3d-b18f-a2de8d706d2c
x-served-by
cache-yul12829-YUL
elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
js.stripe.com/v3/ Frame F55A
798 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/?_=1669638202285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
0bb4457a21983eedb423058dbba9788909de635dbdbba8f740f6f444a3800383
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://supporters.eff.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
548771
cache-control
max-age=31536000
content-encoding
br
content-length
290
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 28 Nov 2022 12:23:22 GMT
etag
"180159345ce5ca40cf05560276ef12f8"
last-modified
Tue, 22 Nov 2022 03:54:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
55260
x-content-type-options
nosniff
x-request-id
0a079ef0-9338-4c5d-be4e-0181c4cb4e9b
x-served-by
cache-yul12829-YUL
payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html
js.stripe.com/v3/ Frame 35DC
408 B
1001 B
Document
General
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/?_=1669638202285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
02683d118a5662036b12b4ac44efcd6357ed46978215f125c76d72b7bd0e8fc9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://supporters.eff.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
548207
cache-control
max-age=31536000
content-encoding
br
content-length
183
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 28 Nov 2022 12:23:22 GMT
etag
"6fd7315633767d82f5b4b703ef1816ff"
last-modified
Tue, 22 Nov 2022 03:54:48 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
24912
x-content-type-options
nosniff
x-request-id
b3b4de0e-252b-43e3-9f11-067da947594c
x-served-by
cache-yul12829-YUL
csp-report
q.stripe.com/ Frame D324
0
571 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 Nov 2022 12:23:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-f28d86407686be4d579ebbdf8fb35905.js
js.stripe.com/v3/fingerprinted/js/ Frame D324
281 KB
63 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
5479443ccf1903687dd86503857e45dd69ab8a54d604125707d8217e544bcfd4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 12:23:22 GMT
via
1.1 varnish
age
548771
x-cache
HIT
content-length
64650
x-request-id
d4b93465-39ca-44bf-8af2-4a0683ed0cab
x-served-by
cache-yul12829-YUL
last-modified
Tue, 22 Nov 2022 03:54:48 GMT
server
Fastly
etag
"989ed53e94e7ad5c1f0b32b20bfa7a62"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
193245
controller-7debbe0b3d236f89f990509f6668b469.js
js.stripe.com/v3/fingerprinted/js/ Frame D324
439 KB
106 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-7debbe0b3d236f89f990509f6668b469.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7691302dfd8de93895388bca30d87b824943fb3505bc150c311c32f4106d0d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 12:23:22 GMT
via
1.1 varnish
age
548771
x-cache
HIT
content-length
108619
x-request-id
f9fb3cb4-8ffc-413c-8b56-65a7691a2317
x-served-by
cache-yul12829-YUL
last-modified
Tue, 22 Nov 2022 03:54:46 GMT
server
Fastly
etag
"a448b4cb3d20acf662dd0f764deb7a09"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
153674
csp-report
q.stripe.com/ Frame F55A
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 Nov 2022 12:23:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame F55A
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 Nov 2022 12:23:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-f28d86407686be4d579ebbdf8fb35905.js
js.stripe.com/v3/fingerprinted/js/ Frame F55A
281 KB
63 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
5479443ccf1903687dd86503857e45dd69ab8a54d604125707d8217e544bcfd4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 12:23:22 GMT
via
1.1 varnish
age
548771
x-cache
HIT
content-length
64650
x-request-id
c9f2bc27-a73c-4257-8f0e-2246aa512419
x-served-by
cache-yul12829-YUL
last-modified
Tue, 22 Nov 2022 03:54:48 GMT
server
Fastly
etag
"989ed53e94e7ad5c1f0b32b20bfa7a62"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
193246
ui-shared-d642756d6b2fe5ff3f3082e52195392b.js
js.stripe.com/v3/fingerprinted/js/ Frame F55A
231 KB
65 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-d642756d6b2fe5ff3f3082e52195392b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
c593a5955e5bbdb5e048535982fb1a361ebc620a99554eccc5fe24ce37f2201c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 12:23:22 GMT
via
1.1 varnish
age
591487
x-cache
HIT
content-length
66667
x-request-id
2d20c272-ee75-4123-ba09-9f3c64817361
x-served-by
cache-yul12829-YUL
last-modified
Mon, 21 Nov 2022 16:03:18 GMT
server
Fastly
etag
"e33bc9017f27150aa5e2780e01f8d8de"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
45826
elements-inner-card-209730d6bf04a838424b6fd7ca4d6525.js
js.stripe.com/v3/fingerprinted/js/ Frame F55A
50 KB
13 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-209730d6bf04a838424b6fd7ca4d6525.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
769733bf26bce6487a83cd8295fea49b08e29f79700b0c9d14ff38ba8a660d72
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 12:23:22 GMT
via
1.1 varnish
age
591487
x-cache
HIT
content-length
12725
x-request-id
cee73833-97b8-46e8-bbd7-34454b460d3f
x-served-by
cache-yul12829-YUL
last-modified
Mon, 21 Nov 2022 16:03:16 GMT
server
Fastly
etag
"8fc9391a1fe5856dc738a7f4442af61d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
38159
ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css
js.stripe.com/v3/fingerprinted/css/ Frame F55A
19 KB
3 KB
Stylesheet
General
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
0c5081ecc9f9ecdf2c760f97886c380097c444ecd4676884ff3c67bfbc0ec6a3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 12:23:22 GMT
via
1.1 varnish
age
917079
x-cache
HIT
content-length
2806
x-request-id
0377fbc8-7c06-41c3-b7ac-f4fa3e16f103
x-served-by
cache-yul12829-YUL
last-modified
Thu, 17 Nov 2022 21:36:36 GMT
server
Fastly
etag
"946f1f202e973574c4704321cd043858"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
68225
elements-inner-card-df2f45d4dc3192d6ca0e0806752c6ace.css
js.stripe.com/v3/fingerprinted/css/ Frame F55A
5 KB
1 KB
Stylesheet
General
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-df2f45d4dc3192d6ca0e0806752c6ace.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
40f32f785992d95f60702abf5baf09b4804fca7655de9d2ba169fec2ad84926e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 12:23:22 GMT
via
1.1 varnish
age
917079
x-cache
HIT
content-length
981
x-request-id
85cd3191-b3da-4025-b918-bd56bfc47755
x-served-by
cache-yul12829-YUL
last-modified
Thu, 17 Nov 2022 21:36:36 GMT
server
Fastly
etag
"d2626d1c6ef395c18991522165918639"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
56700
csp-report
q.stripe.com/ Frame 35DC
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 Nov 2022 12:23:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 35DC
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 Nov 2022 12:23:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
pay.js
pay.google.com/gp/p/js/ Frame 35DC
102 KB
33 KB
Script
General
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94fbb12d189bdafc696e17aa8cf98a377f329e1a41e51b61f2c5ad15e0f8df08
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-mR-2_oxCooQar_-sZ3GOoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:23:22 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-mR-2_oxCooQar_-sZ3GOoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 28 Nov 2022 12:23:22 GMT
shared-f28d86407686be4d579ebbdf8fb35905.js
js.stripe.com/v3/fingerprinted/js/ Frame 35DC
281 KB
63 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
5479443ccf1903687dd86503857e45dd69ab8a54d604125707d8217e544bcfd4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 12:23:22 GMT
via
1.1 varnish
age
548771
x-cache
HIT
content-length
64650
x-request-id
dac6e06f-f62a-41a1-8e10-1afa4e76f32e
x-served-by
cache-yul12829-YUL
last-modified
Tue, 22 Nov 2022 03:54:48 GMT
server
Fastly
etag
"989ed53e94e7ad5c1f0b32b20bfa7a62"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
193247
payment-request-inner-google-pay-95d47082c4cb0cd058abd5fb4db6de84.js
js.stripe.com/v3/fingerprinted/js/ Frame 35DC
9 KB
3 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-95d47082c4cb0cd058abd5fb4db6de84.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ca2da25ca733139ab1211bc78a116fdc99158a89c2cf9faa5d10d6fb9e09f213
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-6fd7315633767d82f5b4b703ef1816ff.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 12:23:22 GMT
via
1.1 varnish
age
1268237
x-cache
HIT
content-length
3383
x-request-id
ff781909-4b70-457b-baa0-2d3b9ba7ec33
x-served-by
cache-yul12829-YUL
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
etag
"1d702381bed2746ffebb1ffefc2444b4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
73482
.deploy_status_henson.json
js.stripe.com/v3/ Frame D324
474 B
585 B
Fetch
General
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b2c0129ed3fb90a9bc22f2ecd3f4730c6cf4ebf9d42a979b8ac6f20ba42a35b0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-0ab991f8c7ab188e2ac0d18e04e20111.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 28 Nov 2022 12:23:22 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
26
x-cache
HIT
content-length
275
x-request-id
85da36e2-afc8-445c-b9bb-1a3077143826
x-served-by
cache-yul12820-YUL
last-modified
Tue, 22 Nov 2022 04:35:55 GMT
server
Fastly
etag
"8187e54a4c42e719206e850e7751fe34"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10
.deploy_status_henson.json
js.stripe.com/v3/ Frame F55A
474 B
350 B
Fetch
General
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b2c0129ed3fb90a9bc22f2ecd3f4730c6cf4ebf9d42a979b8ac6f20ba42a35b0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-180159345ce5ca40cf05560276ef12f8.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 28 Nov 2022 12:23:22 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
26
x-cache
HIT
content-length
275
x-request-id
e7fe7848-40de-4862-a953-83b78f0ec1b3
x-served-by
cache-yul12820-YUL
last-modified
Tue, 22 Nov 2022 04:35:55 GMT
server
Fastly
etag
"8187e54a4c42e719206e850e7751fe34"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
11
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
payframe
pay.google.com/gp/p/ui/ Frame F6F5
18 KB
8 KB
Document
General
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cd1a99b7ecc82286ca7b2b58befe98db17c5c5905c3d25c1cf8312d5a6daa4c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RIxAluVO0znp9qknCztw2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-RIxAluVO0znp9qknCztw2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Mon, 28 Nov 2022 12:23:22 GMT
expires
Mon, 28 Nov 2022 12:23:22 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame F6F5
2 KB
2 KB
Other
General
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 Nov 2022 12:23:22 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame F6F5
153 KB
55 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriYpEAiQyECiu0WQtd_QM0NZ7dIXw/m=_b,_tp,_r
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8819c3a389a1c9ea0399b53764839d55d905ad30166aac383ffa25b95d75a194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 10:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55348
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 00:27:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 10:54:00 GMT
m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5B1... Frame F6F5
68 KB
25 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5B1Hj1iAOKo.L.B1.O/am=MwAI/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriQSvbkeSGntvDaVaCnTmC9MWtreQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriYpEAiQyECiu0WQtd_QM0NZ7dIXw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b44a0bc284e18100f9cb620a0b9e7c39fcf2dc14d191078b411bf3361be8430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25774
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 00:27:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 09:27:13 GMT
pay
pay.google.com/gp/p/ui/ Frame F6F5
1 MB
355 KB
XHR
General
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriYpEAiQyECiu0WQtd_QM0NZ7dIXw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dbbd3dd07adfa144741996b8bc1989a9dafbc7ec69a4a00e471ad75a6f8a143d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OnX-25qgIMHfhdGzv4WgPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:23:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-OnX-25qgIMHfhdGzv4WgPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 28 Nov 2022 12:23:23 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5B1... Frame F6F5
23 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5B1Hj1iAOKo.L.B1.O/am=MwAI/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriQSvbkeSGntvDaVaCnTmC9MWtreQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriYpEAiQyECiu0WQtd_QM0NZ7dIXw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25a1da729a9b3093b6342a5865f31de9d401066ead78804e2a00851f173dc3e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 10:41:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9196
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 00:27:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 10:41:52 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5B1... Frame F6F5
37 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5B1Hj1iAOKo.L.B1.O/am=MwAI/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriQSvbkeSGntvDaVaCnTmC9MWtreQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriYpEAiQyECiu0WQtd_QM0NZ7dIXw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
872d5e9df705ee22acc97ca15e990b206fa61a6b97002125dbdced5c2c2d91a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 17:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13954
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 00:27:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 17:16:54 GMT
log
play.google.com/ Frame F6F5
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriYpEAiQyECiu0WQtd_QM0NZ7dIXw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 28 Nov 2022 12:23:23 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 28 Nov 2022 12:23:23 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F6F5
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriYpEAiQyECiu0WQtd_QM0NZ7dIXw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 28 Nov 2022 12:23:23 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 28 Nov 2022 12:23:23 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F6F5
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriYpEAiQyECiu0WQtd_QM0NZ7dIXw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 28 Nov 2022 12:23:23 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 28 Nov 2022 12:23:23 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F6F5
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriYpEAiQyECiu0WQtd_QM0NZ7dIXw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 28 Nov 2022 12:23:23 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 28 Nov 2022 12:23:23 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F6F5
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriYpEAiQyECiu0WQtd_QM0NZ7dIXw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 28 Nov 2022 12:23:23 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 28 Nov 2022 12:23:23 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F6F5
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriYpEAiQyECiu0WQtd_QM0NZ7dIXw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 28 Nov 2022 12:23:23 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 28 Nov 2022 12:23:23 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:23 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:23 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D324
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f28d86407686be4d579ebbdf8fb35905.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Mon, 28 Nov 2022 12:23:23 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
log
play.google.com/ Frame F6F5
131 B
519 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.VmhqSTw4zFc.es5.O/am=MwAI/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfriYpEAiQyECiu0WQtd_QM0NZ7dIXw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 28 Nov 2022 12:23:23 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
matomo.php
anon-stats.eff.org/
0
0
Ping
General
Full URL
https://anon-stats.eff.org/matomo.php?action_name=Defend%20Privacy%20and%20Free%20Speech%20%7C%20Electronic%20Frontier%20Foundation&idsite=43&rec=1&r=413870&h=12&m=23&s=23&url=https%3A%2F%2Fsupporters.eff.org%2Fdonate%2Fgreetings--NDE&_id=77a163c21b133f24&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=SJh7gB&pf_net=345&pf_srv=184&pf_tfr=1&pf_dm1=431
Requested by
Host: anon-stats.eff.org
URL: https://anon-stats.eff.org/matomo.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.239.79.196 El Cerrito, United States, ASN32354 (UNWIRED, US),
Reverse DNS
vm1.eff.org
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://supporters.eff.org/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame CEB2
200 B
918 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/?_=1669638202285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://supporters.eff.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1268265
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 28 Nov 2022 12:23:27 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1085370
x-content-type-options
nosniff
x-request-id
bb220ffa-0a67-4a5f-acb2-0fdda836aa76
x-served-by
cache-yul12829-YUL
csp-report
q.stripe.com/ Frame CEB2
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 Nov 2022 12:23:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame CEB2
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 28 Nov 2022 12:23:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame CEB2
631 B
460 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 12:23:27 GMT
via
1.1 varnish
age
1268265
x-cache
HIT
content-length
332
x-request-id
59f67bff-5e75-4e9e-a3ab-ba2ccbd41e63
x-served-by
cache-yul12829-YUL
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
922321
inner.html
m.stripe.network/ Frame 8BEA
930 B
1 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
163
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 28 Nov 2022 12:23:27 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
190
x-content-type-options
nosniff
x-request-id
f30990f7-b138-450c-878a-d648722013c9
x-served-by
cache-yul12829-YUL
x-timer
S1669638208.631118,VS0,VE0
csp-report
q.stripe.com/ Frame 8BEA
0
344 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 12:23:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame 8BEA
86 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Mon, 28 Nov 2022 12:23:27 GMT
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 varnish
age
105
x-cache
HIT
content-length
16031
x-request-id
ebd33abb-7bdd-4a4a-8856-5bc422b88819
x-served-by
cache-yul12829-YUL
server
Fastly
x-timer
S1669638208.652021,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
120
6
m.stripe.com/ Frame 8BEA
156 B
523 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.237.241 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4217d59d9911ebfbaa3c2529193042d42a9bef613874ef04d4708dbef12833a0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 28 Nov 2022 12:23:27 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| _paq string| STRIPE_TEST_KEY string| STRIPE_LIVE_KEY string| SENTRY_DSN string| RAILS_ENV function| ariaRadioCheck function| ariaRadioUncheck function| currency function| getDonationAmount function| updateDonateCounters function| FlipClock function| Base function| $ function| jQuery object| Raven object| CiviCrmStates object| webpackChunkStripeJSouter function| Stripe object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

4 Cookies

Domain/Path Name / Value
supporters.eff.org/ Name: _donate_session
Value: ZTZ4bDZkdUxNbjZhTGpEbGdpYXBuN05pUnRlR2FiUlkyVkhGbktGeVRaU0JQUlFNZ2VBRTFqS0k5N0xEemhiRVBCcWxCcEFiL1cvOTl5bHZHR0pSUllpaEo1YWRiaC93Wk5EVDZBMXMxRWEzYXBxRHdiUnBGUnR1dTNvckt5MVZKSFFYNjh1dTAweUVXMEc0ekVibi9TcVBpY3cwNUVHeE1HUitTc2F0L3RZZy84K00wYThjMWhsa1Z1NjF5SXMrem96TlI1WkVXcFc2Y3ErTTREMUw3SncwbHQ3eEEyR21QY2VNcnpBMGhRaz0tLWhPbFh0bDFOajhDbDhyM2V5ZjBER3c9PQ%3D%3D--de64837a1d98e2005ed64eb82046987ce7270dec
.google.com/ Name: NID
Value: 511=FKKMOXsViFWgxI8GCHlgORSA6Pl7ZBS_BgUkzD79mH1ILQX3eYFDSj5WJSiaXtNBBv8LtWXq2aCWf2B3gWttTtA35XWbR2TYVIKuEKSAUo42bZKSk8h0IDfU28gK24cluNd9Ljz1SbxlrVtQXKQOlb-lpymWDaeE2EM2k26pLio
supporters.eff.org/ Name: _pk_id.43.617c
Value: 77a163c21b133f24.1669638204.
supporters.eff.org/ Name: _pk_ses.43.617c
Value: 1

5 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anon-stats.eff.org
digitalprofilebuzz.com
eff.org
js.stripe.com
m.stripe.com
m.stripe.network
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
supporters.eff.org
www.eff.org
www.gstatic.com
151.101.128.176
167.114.36.53
173.239.79.196
2607:f8b0:4004:c1b::5c
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81d::2003
2a04:4e42:600::201
52.88.237.241
54.187.119.242
02683d118a5662036b12b4ac44efcd6357ed46978215f125c76d72b7bd0e8fc9
0867efe4ab18c35f3ea7591f9eee0ebbb8631a6e65f7287104d1f8eef992d9ea
0bb4457a21983eedb423058dbba9788909de635dbdbba8f740f6f444a3800383
0c5081ecc9f9ecdf2c760f97886c380097c444ecd4676884ff3c67bfbc0ec6a3
1517744e453bd4e52b70768ab643bf3ed4fcea9bc32a3c5a107a15a370f9e2f4
20fa743d3b4279272a83134dd387ff44142ad81033e8520396ffeb13b06c5543
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
25a1da729a9b3093b6342a5865f31de9d401066ead78804e2a00851f173dc3e2
263fdab8f1737fc885f6c9335f83c2c4b6babf21029fa8b32882b4e5245841f8
2d768feb85332c343d55f535e65b75de0742ff1c242387f3a307cbb9f8a48fe5
2e3c657e8c73e8dd3651917af0fde1230abff8b9efa0730fc43d565444ed33e3
382843b96a3a0f2c2b38c583563caad12733ae44b4b5f1b97abe948fc461596f
38988407620a6f74a9d5a4dc0579b3fe8db0c689323cbbc38d93bbd6a2dc52b4
3aae4f194de291abb2e318f51e5c75130aef462caa0d904fa79307ed9f5abd69
3ec4e5df4a1f7a6cf6eed10505edb3ec832f6dc5b4557efc2737b7097f07c075
40f32f785992d95f60702abf5baf09b4804fca7655de9d2ba169fec2ad84926e
4217d59d9911ebfbaa3c2529193042d42a9bef613874ef04d4708dbef12833a0
4a97559805aed5316d4e2c8120562b58e6c06342ce2c3a98d50e3a2168356fb3
4cd1a99b7ecc82286ca7b2b58befe98db17c5c5905c3d25c1cf8312d5a6daa4c
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5479443ccf1903687dd86503857e45dd69ab8a54d604125707d8217e544bcfd4
5a066fa15672abb1dd615d09d9c11f4f5377a67e219e663f79f49d6959e216b4
5a07d5031f8aa1931c71229dc9b77ecf545708eea04d1fbedbfad16fefb7bd91
5b44a0bc284e18100f9cb620a0b9e7c39fcf2dc14d191078b411bf3361be8430
69f24f20f8c8f2aca6d54c0fec57f6d843e3f925b4dc73f33d5b4e5ffa0a65ad
6f44096f5accf771bbe7ea77ead7ae352f8fa801ce7e26735174687df7118c7a
738573d0548e32b8ef3aee9eec35d56da4bb2507ae138a3a7afca4130b7ca72f
7691302dfd8de93895388bca30d87b824943fb3505bc150c311c32f4106d0d5f
769733bf26bce6487a83cd8295fea49b08e29f79700b0c9d14ff38ba8a660d72
774807e7b83672f0cc75740aa6dc8ee6338335345ec188eb2dcc190935c68299
7e78b06a8cd380f1f652104b9d72450f7b33b0320920aee80a9d3bcfaafad4bf
821ce74dbb2d82fad30fe6da94959e9bc66ccafb678d0abb487bb5e8cd5aeb69
872d5e9df705ee22acc97ca15e990b206fa61a6b97002125dbdced5c2c2d91a6
8819c3a389a1c9ea0399b53764839d55d905ad30166aac383ffa25b95d75a194
8a0535c1c807198ae36f548da42ac7ccfe6639fd4ecc92cd84e06a02fdb28b4e
94fbb12d189bdafc696e17aa8cf98a377f329e1a41e51b61f2c5ad15e0f8df08
9c46f7929b08c87518aa7efbbf1601e485eeed829f149e3f01beb50120cdb3be
a1887c55de0764af17dbed340d52ca2edc2f04ab5f4d9f4429c2e834859c3f2c
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ac6a49550c1f39861772c79f9f867e79f3f6b59c633772d1a05cc5abec7619c9
b2c0129ed3fb90a9bc22f2ecd3f4730c6cf4ebf9d42a979b8ac6f20ba42a35b0
b32262390361b66dcc5bd0161470f38595c5294d32063bccdf1baa08d94e045e
b38a2fa7279be4a31672a509b7451410b3ec119443ee86cbcf54ec0adb06fec0
bd955e2e08638c8692c22985f6f04b298dbdf224f83f0759fa2532f3a6694dc7
c593a5955e5bbdb5e048535982fb1a361ebc620a99554eccc5fe24ce37f2201c
c59d453a50fe4f1a006f98284c8a6f41172b3f679bbdffa13b24585c95f5d27c
c6bec14fdc88b32d33b434bf5a27e7b9ff27f9aa6e9f80df9502c51416bc5d35
ca2da25ca733139ab1211bc78a116fdc99158a89c2cf9faa5d10d6fb9e09f213
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dbbd3dd07adfa144741996b8bc1989a9dafbc7ec69a4a00e471ad75a6f8a143d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e830f611f3b93a2a53b343dcb2beba237ace11b168b83e5a0292ad088b91800d
f0fc2350f7ed98541e14cc4320ecba6f2e3496498f262cabf2cbd15e2e3359ec
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fd46e7a7282fdd649cfcccd1c3dc801bf9b1d22df08392a58c7007c4dc391a34