urlscan.io logo urlscan.io
SecurityTrails logo

give.ohsufoundation.org Open in urlscan Pro
54.221.251.148  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://give.ohsufoundation.org/
Effective URL: https://give.ohsufoundation.org/
Submission: On December 13 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 11 domains to perform 53 HTTP transactions. The main IP is 54.221.251.148, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is give.ohsufoundation.org.
TLS certificate: Issued by R3 on November 16th 2023. Valid for: 3 months.
This is the only time give.ohsufoundation.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.209.91.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-91-188.compute-1.amazonaws.com
give.ohsufoundation.org
7    54.221.251.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-251-148.compute-1.amazonaws.com
give.ohsufoundation.org
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:e2::ac40:8d0d (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net
js.stripe.com
5    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
6    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    52.217.200.249 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
ohsuf-donation-portal-prod.s3.amazonaws.com
4    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
4    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
r.stripe.com
2    2600:9000:2057:ce00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    44.227.146.82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-227-146-82.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
17 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1282
q.stripe.com — Cisco Umbrella Rank: 7730
r.stripe.com — Cisco Umbrella Rank: 3529
m.stripe.com — Cisco Umbrella Rank: 1245
430 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
765 KB
8 ohsufoundation.org
give.ohsufoundation.org
947 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
36 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1361
18 KB
2 amazonaws.com
ohsuf-donation-portal-prod.s3.amazonaws.com
733 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
183 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 971
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
907 B
0 doubleclick.net Failed
stats.g.doubleclick.net Failed
53 11
Domain Requested by
8 js.stripe.com give.ohsufoundation.org
js.stripe.com
8 give.ohsufoundation.org 1 redirects give.ohsufoundation.org
6 www.gstatic.com www.google.com
www.gstatic.com
5 www.google.com give.ohsufoundation.org
www.gstatic.com
www.google.com
5 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 r.stripe.com js.stripe.com
4 q.stripe.com give.ohsufoundation.org
2 m.stripe.network js.stripe.com
m.stripe.network
2 ohsuf-donation-portal-prod.s3.amazonaws.com give.ohsufoundation.org
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com give.ohsufoundation.org
www.googletagmanager.com
1 m.stripe.com m.stripe.network
1 use.fontawesome.com give.ohsufoundation.org
1 fonts.googleapis.com give.ohsufoundation.org
0 stats.g.doubleclick.net Failed www.google-analytics.com
53 16

This site contains links to these domains. Also see Links.

Domain
ohsufoundation.org
Subject Issuer Validity Valid
give.ohsufoundation.org
R3		 2023-11-16 -
2024-02-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://give.ohsufoundation.org/
Frame ID: E2969B3CF18630DEC181F0C3FBB90BBE
Requests: 25 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkITsoAAAAAKR9gurFAmzML5NsPJD48EOPD4R1&co=aHR0cHM6Ly9naXZlLm9oc3Vmb3VuZGF0aW9uLm9yZzo0NDM.&hl=de&type=image&v=cwQvQhsy4_nYdnSDY4u7O5_B&theme=light&size=normal&badge=bottomright&cb=8nque1qysk58
Frame ID: EC8DE32DA9E4C87D2C93E0A50E3332D6
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-815da30d6eae75acb23721595206ff3d.html
Frame ID: FA6A6D4C355BF69C80F3CBDE75FD8A5D
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&k=6LfkITsoAAAAAKR9gurFAmzML5NsPJD48EOPD4R1
Frame ID: 27229053D415067C497ADD34505C334B
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 50B2A9F8231B375BFB7B4D364B907F9E
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E34AA37AA31173FAF7D31EACD17F4D79
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OHSU Foundation | Donate

Page URL History Show full URLs

  1. http://give.ohsufoundation.org/ HTTP 301
    https://give.ohsufoundation.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

53
Requests

98 %
HTTPS

56 %
IPv6

11
Domains

16
Subdomains

16
IPs

2
Countries

3146 kB
Transfer

6105 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://give.ohsufoundation.org/ HTTP 301
    https://give.ohsufoundation.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
give.ohsufoundation.org/
Redirect Chain
  • http://give.ohsufoundation.org/
  • https://give.ohsufoundation.org/
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://give.ohsufoundation.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.221.251.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-251-148.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
8001e54858f0df048e18c2ba9598ae01d686e3d0d93c3ffad064fe967cd359c3
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.stripe.com *.googletagmanager.com *.google-analytics.com *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.fontawesome.com fonts.googleapis.com *.tagmanager.google.com https://fonts.googleapis.com *.google.com;img-src 'self' data: *.s3.amazonaws.com *.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com;font-src 'self' https: data: https://fonts.gstatic.com;frame-src *.googletagmanager.com *.stripe.com *.google.com;object-src 'none';connect-src 'self' give.ohsufoundation.org *.stripe.com *.google-analytics.com *.google.com *.gstatic.com;upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
1535
Content-Security-Policy
default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.stripe.com *.googletagmanager.com *.google-analytics.com *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.fontawesome.com fonts.googleapis.com *.tagmanager.google.com https://fonts.googleapis.com *.google.com;img-src 'self' data: *.s3.amazonaws.com *.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com;font-src 'self' https: data: https://fonts.gstatic.com;frame-src *.googletagmanager.com *.stripe.com *.google.com;object-src 'none';connect-src 'self' give.ohsufoundation.org *.stripe.com *.google-analytics.com *.google.com *.gstatic.com;upgrade-insecure-requests
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Dec 2023 06:05:13 GMT
Etag
W/"5ff-lS+hzG+nPpzcl9cgLExTYbRK+SE"
Expect-Ct
max-age=0
Expires
0
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702447513&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JbWxxhbh6nEP6aVKkOjrtda8s3rknXajYLVJJhjHTBQ%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1702447513&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JbWxxhbh6nEP6aVKkOjrtda8s3rknXajYLVJJhjHTBQ%3D
Server
Cowboy
Strict-Transport-Security
max-age=15552000; includeSubDomains
Surrogate-Control
no-store
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Dns-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Xss-Protection
0

Redirect headers

Connection
keep-alive
Content-Length
120
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Dec 2023 06:05:13 GMT
Location
https://give.ohsufoundation.org/
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702447513&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JbWxxhbh6nEP6aVKkOjrtda8s3rknXajYLVJJhjHTBQ%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1702447513&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JbWxxhbh6nEP6aVKkOjrtda8s3rknXajYLVJJhjHTBQ%3D
Server
Cowboy
Vary
Accept
Via
1.1 vegur
X-Powered-By
Express
css2
fonts.googleapis.com/ 		4 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,400&display=swap
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1cfe324d54bd28e6131d5f4ecef361a4a3ea29b585fb6262314f961e02e5c4b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.ohsufoundation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Dec 2023 06:05:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 06:05:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Dec 2023 06:05:13 GMT
all.css
use.fontawesome.com/releases/v5.14.0/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.14.0/css/all.css
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

Referer
https://give.ohsufoundation.org/
Origin
https://give.ohsufoundation.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 06:05:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1114157
etag
W/"84d8ad2b4fcdc0f0c58247e778133b3a"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRav6SsoGmvSO9CxkrB3ujQlp1YxBT9vDn7BcziwIkVKoTG6ZFO1qeKsGiN4qJAFcG7EjaKHcCVttGF0xntjyYchbFh0%2Fzztqyd2%2FI6NPMlFHLAEO0rm9O3t1K%2BA4S5RuU6a1gSBSVvV90VkjloHtvOl"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
834c03a2fc1ffa7a-SJC
alt-svc
h3=":443"; ma=86400
donor.bundle.js
give.ohsufoundation.org/ 		885 KB
887 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.ohsufoundation.org/donor.bundle.js
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.221.251.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-251-148.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
b69be9c932543ba06c1e265e504897b08eb6f8d9ef1625ec89b5aa9f6f32606f
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.stripe.com *.googletagmanager.com *.google-analytics.com *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.fontawesome.com fonts.googleapis.com *.tagmanager.google.com https://fonts.googleapis.com *.google.com;img-src 'self' data: *.s3.amazonaws.com *.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com;font-src 'self' https: data: https://fonts.gstatic.com;frame-src *.googletagmanager.com *.stripe.com *.google.com;object-src 'none';connect-src 'self' give.ohsufoundation.org *.stripe.com *.google-analytics.com *.google.com *.gstatic.com;upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.ohsufoundation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.stripe.com *.googletagmanager.com *.google-analytics.com *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.fontawesome.com fonts.googleapis.com *.tagmanager.google.com https://fonts.googleapis.com *.google.com;img-src 'self' data: *.s3.amazonaws.com *.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com;font-src 'self' https: data: https://fonts.gstatic.com;frame-src *.googletagmanager.com *.stripe.com *.google.com;object-src 'none';connect-src 'self' give.ohsufoundation.org *.stripe.com *.google-analytics.com *.google.com *.gstatic.com;upgrade-insecure-requests
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 13 Dec 2023 06:05:13 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
X-Dns-Prefetch-Control
off
Connection
keep-alive
Content-Length
906048
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1702447513&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JbWxxhbh6nEP6aVKkOjrtda8s3rknXajYLVJJhjHTBQ%3D
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 30 Nov 2023 23:56:27 GMT
Server
Cowboy
Etag
W/"dd340-18c22a98ff8"
Expect-Ct
max-age=0
X-Download-Options
noopen
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702447513&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=JbWxxhbh6nEP6aVKkOjrtda8s3rknXajYLVJJhjHTBQ%3D"}]}
Content-Type
application/javascript; charset=UTF-8
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=0
Accept-Ranges
bytes
gtm.js
www.googletagmanager.com/ 		334 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K34RP33
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a01a2c40d438f53dcb1a5daac070ff9af82d5bdce206492298b6bf3f1aa1406
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.ohsufoundation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 06:05:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91314
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Dec 2023 06:05:14 GMT
js
www.googletagmanager.com/gtag/ 		288 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6VRD5JQSEB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K34RP33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2d32ba792b6938bc2e9e8b2a396062f971d37caf4f3a7431a4a44f7bf04ea10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.ohsufoundation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 06:05:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96078
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Dec 2023 06:05:14 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K34RP33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.ohsufoundation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 13 Dec 2023 05:48:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1020
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 13 Dec 2023 07:48:14 GMT
v3
js.stripe.com/ 		577 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/donor.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
72b276a86352aec34b5f64af35dc2e5bf7d1bbc1a2868ab50bd4ac8aa5c00e5b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.ohsufoundation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 06:05:15 GMT
content-encoding
br
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 02:00:25 GMT
server
Cloudfront
etag
W/"0b74c25b602fe5fc10168efa0cfea665"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
PiHYtAghGKD9B__c4kqmCa_u4_eXxIKPiM9vYXRwy79p_Dj6MDVAmQ==
faec0ad60ee34f01ba496a7043953e7b.svg
give.ohsufoundation.org/images/ 		23 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.ohsufoundation.org/images/faec0ad60ee34f01ba496a7043953e7b.svg
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.221.251.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-251-148.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
c9cc9c4933f1bbe2e494d70d37d4198dba64017abe97916ddbdf0fd7a9873580
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.stripe.com *.googletagmanager.com *.google-analytics.com *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.fontawesome.com fonts.googleapis.com *.tagmanager.google.com https://fonts.googleapis.com *.google.com;img-src 'self' data: *.s3.amazonaws.com *.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com;font-src 'self' https: data: https://fonts.gstatic.com;frame-src *.googletagmanager.com *.stripe.com *.google.com;object-src 'none';connect-src 'self' give.ohsufoundation.org *.stripe.com *.google-analytics.com *.google.com *.gstatic.com;upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.ohsufoundation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.stripe.com *.googletagmanager.com *.google-analytics.com *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.fontawesome.com fonts.googleapis.com *.tagmanager.google.com https://fonts.googleapis.com *.google.com;img-src 'self' data: *.s3.amazonaws.com *.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com;font-src 'self' https: data: https://fonts.gstatic.com;frame-src *.googletagmanager.com *.stripe.com *.google.com;object-src 'none';connect-src 'self' give.ohsufoundation.org *.stripe.com *.google-analytics.com *.google.com *.gstatic.com;upgrade-insecure-requests
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 13 Dec 2023 06:05:14 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
X-Dns-Prefetch-Control
off
Connection
keep-alive
Content-Length
23507
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1702447514&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=0GzrcXlx%2F0rkYS1kbTLhGqWjudbKab4TqVYLrGDwCQs%3D
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 30 Nov 2023 23:56:27 GMT
Server
Cowboy
Etag
W/"5bd3-18c22a98ff8"
Expect-Ct
max-age=0
X-Download-Options
noopen
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702447514&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=0GzrcXlx%2F0rkYS1kbTLhGqWjudbKab4TqVYLrGDwCQs%3D"}]}
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=0
Accept-Ranges
bytes
1f440824c21286a2798d724b56eb1971.svg
give.ohsufoundation.org/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.ohsufoundation.org/images/1f440824c21286a2798d724b56eb1971.svg
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.221.251.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-251-148.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
003995f2c3b8656a4124e1cc4b6905ff5b3d9136d166172b5e7f58156fbea747
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.stripe.com *.googletagmanager.com *.google-analytics.com *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.fontawesome.com fonts.googleapis.com *.tagmanager.google.com https://fonts.googleapis.com *.google.com;img-src 'self' data: *.s3.amazonaws.com *.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com;font-src 'self' https: data: https://fonts.gstatic.com;frame-src *.googletagmanager.com *.stripe.com *.google.com;object-src 'none';connect-src 'self' give.ohsufoundation.org *.stripe.com *.google-analytics.com *.google.com *.gstatic.com;upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.ohsufoundation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.stripe.com *.googletagmanager.com *.google-analytics.com *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.fontawesome.com fonts.googleapis.com *.tagmanager.google.com https://fonts.googleapis.com *.google.com;img-src 'self' data: *.s3.amazonaws.com *.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com;font-src 'self' https: data: https://fonts.gstatic.com;frame-src *.googletagmanager.com *.stripe.com *.google.com;object-src 'none';connect-src 'self' give.ohsufoundation.org *.stripe.com *.google-analytics.com *.google.com *.gstatic.com;upgrade-insecure-requests
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 13 Dec 2023 06:05:14 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
X-Dns-Prefetch-Control
off
Connection
keep-alive
Content-Length
23267
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1702447514&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=0GzrcXlx%2F0rkYS1kbTLhGqWjudbKab4TqVYLrGDwCQs%3D
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 30 Nov 2023 23:56:27 GMT
Server
Cowboy
Etag
W/"5ae3-18c22a98ff8"
Expect-Ct
max-age=0
X-Download-Options
noopen
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702447514&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=0GzrcXlx%2F0rkYS1kbTLhGqWjudbKab4TqVYLrGDwCQs%3D"}]}
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Cache-Control
public, max-age=0
Accept-Ranges
bytes
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.ohsufoundation.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:03:57 GMT
x-content-type-options
nosniff
age
75677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 09:03:57 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.ohsufoundation.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 15:36:20 GMT
x-content-type-options
nosniff
age
138534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 15:36:20 GMT
session
give.ohsufoundation.org/api/v1/ 		177 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://give.ohsufoundation.org/api/v1/session
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/donor.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.221.251.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-251-148.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
ff6f9927e8936d76b48a8cfac9d1c913bf496ab6f825f490c9342d1a0f551059
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://give.ohsufoundation.org/
accept-language
de-DE,de;q=0.9
X-API-Client
donation-portal-client
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-API-Key
ko2!gQJQJyVzt@P.
Content-Type
application/json

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 13 Dec 2023 06:05:14 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
X-Dns-Prefetch-Control
off
Connection
keep-alive
Content-Length
177
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1702447514&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=0GzrcXlx%2F0rkYS1kbTLhGqWjudbKab4TqVYLrGDwCQs%3D
Referrer-Policy
no-referrer
Server
Cowboy
Etag
W/"b1-QJ/yvVr9T1ofNay1sOLFwSNQlTc"
Expect-Ct
max-age=0
Vary
Origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702447514&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=0GzrcXlx%2F0rkYS1kbTLhGqWjudbKab4TqVYLrGDwCQs%3D"}]}
X-Download-Options
noopen
Access-Control-Allow-Origin
https://give.ohsufoundation.org
Content-Type
application/json; charset=utf-8
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/donor.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b9c02d8c7092bd34aed7ef267639f21f4e68ca093e0e5eee1162a366539d30a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.ohsufoundation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 06:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 13 Dec 2023 06:05:14 GMT
find
give.ohsufoundation.org/api/v1/form-configuration/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://give.ohsufoundation.org/api/v1/form-configuration/find
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/donor.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.221.251.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-251-148.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
15ac5ec945b38bbf5084bc9dfeb009f3654182deba50410b9d8dd718474c633a
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://give.ohsufoundation.org/
accept-language
de-DE,de;q=0.9
X-API-Client
donation-portal-client
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-API-Key
ko2!gQJQJyVzt@P.

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 13 Dec 2023 06:05:14 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
X-Dns-Prefetch-Control
off
Connection
keep-alive
Content-Length
2956
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1702447514&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=0GzrcXlx%2F0rkYS1kbTLhGqWjudbKab4TqVYLrGDwCQs%3D
Referrer-Policy
no-referrer
Server
Cowboy
Etag
W/"b8c-eW4Dy3EEi4Av9D03wAGVGUGfx3k"
Expect-Ct
max-age=0
Vary
Origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702447514&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=0GzrcXlx%2F0rkYS1kbTLhGqWjudbKab4TqVYLrGDwCQs%3D"}]}
X-Download-Options
noopen
Access-Control-Allow-Origin
https://give.ohsufoundation.org
Content-Type
application/json; charset=utf-8
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.ohsufoundation.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:57:03 GMT
x-content-type-options
nosniff
age
50891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 15:57:03 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.ohsufoundation.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 00:19:52 GMT
x-content-type-options
nosniff
age
366322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24408
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:14:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 00:19:52 GMT
collect
www.google-analytics.com/j/ 		3 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1594652243&t=pageview&_s=1&dl=https%3A%2F%2Fgive.ohsufoundation.org%2F&ul=en-us&de=UTF-8&dt=OHSU%20Foundation%20%7C%20Donate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAAI~&jid=1044714889&gjid=605792465&cid=244487063.1702447514&tid=UA-3153648-9&_gid=2073726701.1702447514&_slc=1&gtm=45He3bt0n81K34RP33v845586450&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=942292630
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://give.ohsufoundation.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 06:05:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.ohsufoundation.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		0
0
collect
region1.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6VRD5JQSEB&gtm=45je3bt0v895012774z8845586450&_p=1702447514185&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=244487063.1702447514&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702447514&sct=1&seg=0&dl=https%3A%2F%2Fgive.ohsufoundation.org%2F&dt=OHSU%20Foundation%20%7C%20Donate&en=page_view&_fv=1&_ss=1&tfd=1301
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VRD5JQSEB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.ohsufoundation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 06:05:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.ohsufoundation.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ 		504 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://give.ohsufoundation.org/
Origin
https://give.ohsufoundation.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206640
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 10:38:51 GMT
anchor
www.google.com/recaptcha/api2/ Frame EC8D 		42 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkITsoAAAAAKR9gurFAmzML5NsPJD48EOPD4R1&co=aHR0cHM6Ly9naXZlLm9oc3Vmb3VuZGF0aW9uLm9yZzo0NDM.&hl=de&type=image&v=cwQvQhsy4_nYdnSDY4u7O5_B&theme=light&size=normal&badge=bottomright&cb=8nque1qysk58
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/donor.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
50bbb9e25f8ce3de593b99f21d335e9455d912157f661139834468ca96c0f417
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8T45Zv9EqpPc5LOXtWZx1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.ohsufoundation.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8T45Zv9EqpPc5LOXtWZx1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 06:05:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame EC8D 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkITsoAAAAAKR9gurFAmzML5NsPJD48EOPD4R1&co=aHR0cHM6Ly9naXZlLm9oc3Vmb3VuZGF0aW9uLm9yZzo0NDM.&hl=de&type=image&v=cwQvQhsy4_nYdnSDY4u7O5_B&theme=light&size=normal&badge=bottomright&cb=8nque1qysk58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 00:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Dec 2024 00:06:25 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame EC8D 		504 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkITsoAAAAAKR9gurFAmzML5NsPJD48EOPD4R1&co=aHR0cHM6Ly9naXZlLm9oc3Vmb3VuZGF0aW9uLm9yZzo0NDM.&hl=de&type=image&v=cwQvQhsy4_nYdnSDY4u7O5_B&theme=light&size=normal&badge=bottomright&cb=8nque1qysk58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206640
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 10:38:51 GMT
ohsuf_donation_default_background.jpg
ohsuf-donation-portal-prod.s3.amazonaws.com/ 		375 KB
375 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ohsuf-donation-portal-prod.s3.amazonaws.com/ohsuf_donation_default_background.jpg
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.200.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
097d5ee6424d3b9b2cb95f3c40a8bda251cd91e9883af607b85443c0b70981e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.ohsufoundation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 06:05:15 GMT
Last-Modified
Fri, 12 Feb 2021 00:47:39 GMT
Server
AmazonS3
x-amz-request-id
MZAR41K30F0X8FSS
ETag
"3ff3e9ea6e8fa7f5799112f937cc8ce7"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
383546
x-amz-id-2
1fGtEoc9glpbJbaLY/IyA7DkipW/ojGqllJhFWRcRdIo2nzR7/BULOQmLdEFTg7/vPrSiZUfVpY=
truncated
/ Frame EC8D 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC8D 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EC8D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 19:56:54 GMT
x-content-type-options
nosniff
age
122900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 18 Dec 2023 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC8D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkITsoAAAAAKR9gurFAmzML5NsPJD48EOPD4R1&co=aHR0cHM6Ly9naXZlLm9oc3Vmb3VuZGF0aW9uLm9yZzo0NDM.&hl=de&type=image&v=cwQvQhsy4_nYdnSDY4u7O5_B&theme=light&size=normal&badge=bottomright&cb=8nque1qysk58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
455898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 23:26:56 GMT
mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
www.google.com/js/bg/ Frame EC8D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkITsoAAAAAKR9gurFAmzML5NsPJD48EOPD4R1&co=aHR0cHM6Ly9naXZlLm9oc3Vmb3VuZGF0aW9uLm9yZzo0NDM.&hl=de&type=image&v=cwQvQhsy4_nYdnSDY4u7O5_B&theme=light&size=normal&badge=bottomright&cb=8nque1qysk58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:43:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
109289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6828
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:43:45 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame EC8D 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkITsoAAAAAKR9gurFAmzML5NsPJD48EOPD4R1&co=aHR0cHM6Ly9naXZlLm9oc3Vmb3VuZGF0aW9uLm9yZzo0NDM.&hl=de&type=image&v=cwQvQhsy4_nYdnSDY4u7O5_B&theme=light&size=normal&badge=bottomright&cb=8nque1qysk58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c7b92a4e3cd9b6ea5422c922f8cba9e12213368ade0cac7fa38328003a55887c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkITsoAAAAAKR9gurFAmzML5NsPJD48EOPD4R1&co=aHR0cHM6Ly9naXZlLm9oc3Vmb3VuZGF0aW9uLm9yZzo0NDM.&hl=de&type=image&v=cwQvQhsy4_nYdnSDY4u7O5_B&theme=light&size=normal&badge=bottomright&cb=8nque1qysk58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 06:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 13 Dec 2023 06:05:14 GMT
controller-815da30d6eae75acb23721595206ff3d.html
js.stripe.com/v3/ Frame FA6A 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-815da30d6eae75acb23721595206ff3d.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e511658dfce20b6028ba5ccc8d9288fd7b001f6dd3b1399777186160452a9f52
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.ohsufoundation.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
18
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 13 Dec 2023 06:04:58 GMT
etag
"815da30d6eae75acb23721595206ff3d"
last-modified
Wed, 13 Dec 2023 01:22:01 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-id
h65Ckl0naj736HV_fObyo8lXZZ99uS1LWZ4Kuba0m6q0wN0Y-Js4GQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
shared-6d9f8dc14bc86c122fa64de2490878b8.js
js.stripe.com/v3/fingerprinted/js/ Frame FA6A 		546 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-6d9f8dc14bc86c122fa64de2490878b8.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-815da30d6eae75acb23721595206ff3d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
4e84ae84d01a6a28d42f61823e74949a1ef0a52104c578ab0a9a93c5d5067ecb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-815da30d6eae75acb23721595206ff3d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 06:00:08 GMT
content-encoding
br
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2026
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:15 GMT
server
Cloudfront
etag
W/"59ba0d6f7c16dff75e0c3d482fce1e3a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
qiHLeety7FI8BpfeEzMYguDplDE3hlNngohJ5cNRblcPYAN2R2SWDA==
controller-aa1e0e27ff8e274c779ae029562aeb9f.js
js.stripe.com/v3/fingerprinted/js/ Frame FA6A 		675 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-aa1e0e27ff8e274c779ae029562aeb9f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-815da30d6eae75acb23721595206ff3d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
56be7090e8eb02dfc7ec08dcd51e2ce5fdeb085a64fdb740dfe3936de2e12eb2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-815da30d6eae75acb23721595206ff3d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 05:23:15 GMT
content-encoding
br
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2520
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:12 GMT
server
Cloudfront
etag
W/"14d08c921e63389e8f237652e2a64a9e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
h6WhfBah220x3iI_N4mqD5vdBnzYy8LZ86EwvYLCfllUufgnMtH68g==
csp-report
q.stripe.com/ Frame FA6A 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 13 Dec 2023 06:05:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1702447515200853
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1702447515200410
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame FA6A 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6d9f8dc14bc86c122fa64de2490878b8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d49ddb5e9399fdba7f92ffa00a01c386126c6534ee103cd44d203882c7bc28c7

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-815da30d6eae75acb23721595206ff3d.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 13 Dec 2023 06:04:36 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 02:00:26 GMT
server
Cloudfront
age
38
x-amz-cf-pop
FRA6-C1
etag
"a56c429efc515302a1873a835b7c01f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
eEarFtmE2hKCzVA6R58VXHERKG4BIEUYADoKDwBK7TTSO9Qrx4Qupg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame FA6A 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6d9f8dc14bc86c122fa64de2490878b8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d49ddb5e9399fdba7f92ffa00a01c386126c6534ee103cd44d203882c7bc28c7

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-815da30d6eae75acb23721595206ff3d.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 13 Dec 2023 06:04:36 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 02:00:26 GMT
server
Cloudfront
age
38
x-amz-cf-pop
FRA6-C1
etag
"a56c429efc515302a1873a835b7c01f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
Gx_zx4fTjH6c0kr2UvxZE0Orp2sPATVNQAGYyNuOVr4CfyukWwL_xg==
bframe
www.google.com/recaptcha/api2/ Frame 2722 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&k=6LfkITsoAAAAAKR9gurFAmzML5NsPJD48EOPD4R1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e6316c95c523387b5cebc66b6135010a7c8ffd49334a5df8400afc530eb53e5f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rtqj687nZDAjfZDvj40ISw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.ohsufoundation.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-rtqj687nZDAjfZDvj40ISw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Dec 2023 06:05:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
0
r.stripe.com/ Frame FA6A 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6d9f8dc14bc86c122fa64de2490878b8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 13 Dec 2023 06:05:15 GMT
x-stripe-server-envoy-start-time-us
1702447515323388
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1702447515323031
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame FA6A 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6d9f8dc14bc86c122fa64de2490878b8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 13 Dec 2023 06:05:15 GMT
x-stripe-server-envoy-start-time-us
1702447515323568
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1702447515322991
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame FA6A 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6d9f8dc14bc86c122fa64de2490878b8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 13 Dec 2023 06:05:15 GMT
x-stripe-server-envoy-start-time-us
1702447515323283
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1702447515323137
access-control-allow-credentials
true
content-length
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame 2722 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&k=6LfkITsoAAAAAKR9gurFAmzML5NsPJD48EOPD4R1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 00:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Dec 2024 00:06:25 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame 2722 		504 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&k=6LfkITsoAAAAAKR9gurFAmzML5NsPJD48EOPD4R1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206640
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 10:38:51 GMT
event
give.ohsufoundation.org/api/v1/ 		228 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://give.ohsufoundation.org/api/v1/event
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/donor.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.221.251.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-251-148.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
97f80786bd4532982267832a1e833a30be8ea560bfc99028e916248ac1abe55e
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://give.ohsufoundation.org/
accept-language
de-DE,de;q=0.9
X-API-Client
donation-portal-client
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-API-Key
ko2!gQJQJyVzt@P.
Content-Type
application/json

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 13 Dec 2023 06:05:15 GMT
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
X-Dns-Prefetch-Control
off
Connection
keep-alive
Content-Length
228
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1702447515&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=cTMT2vlvSNKsM4jL4iEAs1zSjOlHbOZiH5kE5rM6pQY%3D
Referrer-Policy
no-referrer
Server
Cowboy
Etag
W/"e4-XJT/HeQqagwcnhIomS6HMaHL4xY"
Expect-Ct
max-age=0
Vary
Origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702447515&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=cTMT2vlvSNKsM4jL4iEAs1zSjOlHbOZiH5kE5rM6pQY%3D"}]}
X-Download-Options
noopen
Access-Control-Allow-Origin
https://give.ohsufoundation.org
Content-Type
application/json; charset=utf-8
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
EDCOMM-Fall%2BCampus%2B2019-1100x733.jpg
ohsuf-donation-portal-prod.s3.amazonaws.com/ 		358 KB
358 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ohsuf-donation-portal-prod.s3.amazonaws.com/EDCOMM-Fall%2BCampus%2B2019-1100x733.jpg
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.200.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
17ae2a0ffee533c1b20eaf55c6212ec5edb19a42f24c7ce4cdbe6d030816e87f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.ohsufoundation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 06:05:16 GMT
Last-Modified
Wed, 27 Oct 2021 17:41:56 GMT
Server
AmazonS3
x-amz-request-id
HYBGVY50ADVETBKY
ETag
"aa6f78192c1df2599cb354907821b941"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
366464
x-amz-id-2
qQMlw0cj7f2qI7KDFyq9W60/71uuhOMR6mPJki+sz32fMvGKPhjWDSIMuC9/7Zaj6jXAIf7xCeM=
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 50B2 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.ohsufoundation.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1186
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 13 Dec 2023 05:45:30 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 08 Dec 2023 22:43:13 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-id
2Sik2OQfNaWaJ_P0Yk2DziDKQOPNA43fwbPi3bYZzqO1kB4htbSWGg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
0
r.stripe.com/ Frame FA6A 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6d9f8dc14bc86c122fa64de2490878b8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 13 Dec 2023 06:05:15 GMT
x-stripe-server-envoy-start-time-us
1702447515606231
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1702447515605946
access-control-allow-credentials
true
content-length
0
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6VRD5JQSEB&gtm=45je3bt0v895012774&_p=1702447514185&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=244487063.1702447514&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702447514&sct=1&seg=0&dl=https%3A%2F%2Fgive.ohsufoundation.org%2F&dt=OHSU%20Foundation%20%7C%20Donate&en=scroll&epn.percent_scrolled=90&_et=13&tfd=2398
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6VRD5JQSEB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.ohsufoundation.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 06:05:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.ohsufoundation.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 50B2 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 05:45:08 GMT
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
1214
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
631
last-modified
Thu, 07 Dec 2023 21:05:00 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
3kKs0XeWglzhvCRFlBvNfUbBFYXSp_kVXeiQ9qNpSqnFfXuZG9DNqg==
csp-report
q.stripe.com/ Frame 50B2 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 13 Dec 2023 06:05:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1702447515690945
x-envoy-upstream-service-time
6
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1702447515689314
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 50B2 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 13 Dec 2023 06:05:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1702447515689769
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1702447515689361
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame E34A 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ce00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
97
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 13 Dec 2023 06:03:39 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id
t1n5RtdDZAWDG9iRs24dgKtrOZFccBlDGQePZ5_0Ogvjxk4XrRFjQQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame E34A 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.ohsufoundation.org
URL: https://give.ohsufoundation.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 13 Dec 2023 06:05:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1702447515757676
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1702447515756978
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame E34A 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ce00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 06:00:56 GMT
content-encoding
gzip
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
260
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
AcLmk9E0w5ZTJaiIWCF0H6jlq3YrL8DcBADFDBd_TY34jBYQF6yk8A==
6
m.stripe.com/ Frame E34A 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.227.146.82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-227-146-82.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
70797b93de4bc3fcfb507cd9434666c271a092335a73a4e8b375b7bfaac085a4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Wed, 13 Dec 2023 06:05:16 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1702447516290517
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1702447516289832
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3153648-9&cid=244487063.1702447514&jid=1044714889&gjid=605792465&_gid=2073726701.1702447514&_u=YGBAgEABAAAAAGAAI~&z=928043354

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| setImmediate function| clearImmediate object| regeneratorRuntime object| FontAwesomeConfig object| ___FONT_AWESOME___ object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady undefined| nonce object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_342786 object| webpackChunkStripeJSouter function| noop function| Stripe

8 Cookies

Domain/Path Name / Value
.ohsufoundation.org/ Name: _gid
Value: GA1.2.2073726701.1702447514
.ohsufoundation.org/ Name: _dc_gtm_UA-3153648-9
Value: 1
.ohsufoundation.org/ Name: _ga
Value: GA1.1.244487063.1702447514
give.ohsufoundation.org/ Name: donor-session
Value: 0fbb0268-3440-4c8a-8317-c3884a25470a
.ohsufoundation.org/ Name: _ga_6VRD5JQSEB
Value: GS1.1.1702447514.1.0.1702447515.0.0.0
m.stripe.com/ Name: m
Value: 27669aba-7634-4022-839e-e1f6e6f9aced529d1b
.give.ohsufoundation.org/ Name: __stripe_mid
Value: 5848b600-1bef-4de7-90b1-26dd5a49f3feba32bd
.give.ohsufoundation.org/ Name: __stripe_sid
Value: d4fd8cef-f5ce-4965-812e-12b68098e01ccf1ea1

2 Console Messages

Source Level URL
Text
security error URL: https://www.google-analytics.com/analytics.js(Line 35)
Message:
Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3153648-9&cid=244487063.1702447514&jid=1044714889&gjid=605792465&_gid=2073726701.1702447514&_u=YGBAgEABAAAAAGAAI~&z=928043354' because it violates the following Content Security Policy directive: "connect-src 'self' give.ohsufoundation.org *.stripe.com *.google-analytics.com *.google.com *.gstatic.com".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.stripe.com *.googletagmanager.com *.google-analytics.com *.google.com *.gstatic.com;style-src 'self' 'unsafe-inline' *.fontawesome.com fonts.googleapis.com *.tagmanager.google.com https://fonts.googleapis.com *.google.com;img-src 'self' data: *.s3.amazonaws.com *.google-analytics.com https://ssl.gstatic.com https://www.gstatic.com;font-src 'self' https: data: https://fonts.gstatic.com;frame-src *.googletagmanager.com *.stripe.com *.google.com;object-src 'none';connect-src 'self' give.ohsufoundation.org *.stripe.com *.google-analytics.com *.google.com *.gstatic.com;upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
give.ohsufoundation.org
js.stripe.com
m.stripe.com
m.stripe.network
ohsuf-donation-portal-prod.s3.amazonaws.com
q.stripe.com
r.stripe.com
region1.google-analytics.com
stats.g.doubleclick.net
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
stats.g.doubleclick.net
2001:4860:4802:34::36
2600:9000:2057:ce00:19:7d10:bd80:93a1
2606:4700:e2::ac40:8d0d
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
44.227.146.82
52.217.200.249
54.186.23.98
54.187.159.182
54.209.91.188
54.221.251.148
99.86.4.76
003995f2c3b8656a4124e1cc4b6905ff5b3d9136d166172b5e7f58156fbea747
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
097d5ee6424d3b9b2cb95f3c40a8bda251cd91e9883af607b85443c0b70981e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
15ac5ec945b38bbf5084bc9dfeb009f3654182deba50410b9d8dd718474c633a
17ae2a0ffee533c1b20eaf55c6212ec5edb19a42f24c7ce4cdbe6d030816e87f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cfe324d54bd28e6131d5f4ecef361a4a3ea29b585fb6262314f961e02e5c4b8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4b9c02d8c7092bd34aed7ef267639f21f4e68ca093e0e5eee1162a366539d30a
4e84ae84d01a6a28d42f61823e74949a1ef0a52104c578ab0a9a93c5d5067ecb
50bbb9e25f8ce3de593b99f21d335e9455d912157f661139834468ca96c0f417
56be7090e8eb02dfc7ec08dcd51e2ce5fdeb085a64fdb740dfe3936de2e12eb2
6a01a2c40d438f53dcb1a5daac070ff9af82d5bdce206492298b6bf3f1aa1406
70797b93de4bc3fcfb507cd9434666c271a092335a73a4e8b375b7bfaac085a4
72b276a86352aec34b5f64af35dc2e5bf7d1bbc1a2868ab50bd4ac8aa5c00e5b
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
8001e54858f0df048e18c2ba9598ae01d686e3d0d93c3ffad064fe967cd359c3
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
97f80786bd4532982267832a1e833a30be8ea560bfc99028e916248ac1abe55e
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
b2d32ba792b6938bc2e9e8b2a396062f971d37caf4f3a7431a4a44f7bf04ea10
b69be9c932543ba06c1e265e504897b08eb6f8d9ef1625ec89b5aa9f6f32606f
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7b92a4e3cd9b6ea5422c922f8cba9e12213368ade0cac7fa38328003a55887c
c9cc9c4933f1bbe2e494d70d37d4198dba64017abe97916ddbdf0fd7a9873580
d49ddb5e9399fdba7f92ffa00a01c386126c6534ee103cd44d203882c7bc28c7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e511658dfce20b6028ba5ccc8d9288fd7b001f6dd3b1399777186160452a9f52
e6316c95c523387b5cebc66b6135010a7c8ffd49334a5df8400afc530eb53e5f
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
ff6f9927e8936d76b48a8cfac9d1c913bf496ab6f825f490c9342d1a0f551059