donatenow.wfp.org Open in urlscan Pro
2600:9000:2156:9000:e:8540:d2c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.support.wfp.org/?qs=3770cfff39a75c8d08e12a13c9ed9a88ba1861ea3886cb5e05c3748f73fe4159b1716c20b690e78f5062e3812bd3...
Effective URL:
https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=e...
Submission: On October 20 via api (October 20th 2021, 6:55:05 pm UTC) from SE — Scanned from DE

Summary HTTP 186 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 57 IPs in 7 countries across 44 domains to perform 186 HTTP transactions. The main IP is 2600:9000:2156:9000:e:8540:d2c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is donatenow.wfp.org.
TLS certificate: Issued by Amazon on October 12th 2021. Valid for: a year.

This is the only time donatenow.wfp.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	161.71.58.175 161.71.58.175	14340 (SALESFORCE) (SALESFORCE)
39	2600:9000:215... 2600:9000:2156:9000:e:8540:d2c0:93a1	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
6	2600:9000:215... 2600:9000:2156:f000:b:6b6b:1200:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.76 143.204.98.76	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:215... 2600:9000:2156:c600:14:56a0:4680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:6000:5:e00c:b700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
12	143.204.98.52 143.204.98.52	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:ce00:4:3241:ce00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	2600:9000:215... 2600:9000:2156:9400:1:5c0e:9a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.45 143.204.98.45	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2 5	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	143.204.98.105 143.204.98.105	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	63.35.104.241 63.35.104.241	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
3	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
3	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	99.81.27.250 99.81.27.250	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.62 143.204.98.62	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:3e00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2 6	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.48.145.41 52.48.145.41	16509 (AMAZON-02) (AMAZON-02)
1	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
1	92.122.253.103 92.122.253.103	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.164.135.202 54.164.135.202	14618 (AMAZON-AES) (AMAZON-AES)
1 1	143.204.98.95 143.204.98.95	16509 (AMAZON-02) (AMAZON-02)
1 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	23.21.225.74 23.21.225.74	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4200:978a:c3c2:8227:81a1	14618 (AMAZON-AES) (AMAZON-AES)
1	18.168.102.56 18.168.102.56	16509 (AMAZON-02) (AMAZON-02)
1	63.33.113.238 63.33.113.238	16509 (AMAZON-02) (AMAZON-02)
1 2	18.185.142.87 18.185.142.87	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:400c:c07::5c	15169 (GOOGLE) (GOOGLE)
16	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	34.251.226.251 34.251.226.251	16509 (AMAZON-02) (AMAZON-02)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	35.166.212.249 35.166.212.249	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.89 143.204.98.89	16509 (AMAZON-02) (AMAZON-02)
186	57

1 161.71.58.175 (London, United Kingdom) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.support.wfp.org

click.support.wfp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2600:9000:2156:9000:e:8540:d2c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

donatenow.wfp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:f000:b:6b6b:1200:93a1 (United States)

ASN16509 (AMAZON-02, US)

libs.iraiser.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.76 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2156:c600:14:56a0:4680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.sparkcentral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:6000:5:e00c:b700:93a1 (United States)

ASN16509 (AMAZON-02, US)

monitoring.iraiser.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 143.204.98.52 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-52.fra50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ce00:4:3241:ce00:93a1 (United States)

ASN16509 (AMAZON-02, US)

services.iraiser.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9400:1:5c0e:9a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.iraiser.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.45 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-45.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

5499309.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10390555.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-105.fra50.r.cloudfront.net

fh.mg.wfp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.104.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-104-241.eu-west-1.compute.amazonaws.com

c0.adalyser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.27.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-27-250.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.62 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-62.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3e00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 193.0.160.129 (Netherlands) 2 redirects

ASN54312 (ROCKETFUEL, US)

20777079p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.50 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.145.41 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.253.103 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-253-103.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.135.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-135-202.compute-1.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.95 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-95.fra50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.225.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-225-74.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:978a:c3c2:8227:81a1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.168.102.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-102-56.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.113.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-113-238.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.142.87 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-142-87.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.226.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-226-251.eu-west-1.compute.amazonaws.com

5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.166.212.249 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-212-249.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.89 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-89.fra50.r.cloudfront.net

media.eu-1.smooch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	wfp.org 1 redirects click.support.wfp.org donatenow.wfp.org fh.mg.wfp.org	1018 KB
29	stripe.com js.stripe.com r.stripe.com q.stripe.com m.stripe.com	326 KB
23	google.com 1 redirects adservice.google.com www.google.com pay.google.com play.google.com	384 KB
11	doubleclick.net 5 redirects 5499309.fls.doubleclick.net 10390555.fls.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	8 KB
10	iraiser.eu libs.iraiser.eu monitoring.iraiser.eu services.iraiser.eu cdn.iraiser.eu	204 KB
7	sparkcentral.com cdn.sparkcentral.com	277 KB
6	rfihub.com 2 redirects 20777079p.rfihub.com a.rfihub.com p.rfihub.com	9 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	146 KB
5	google.de 1 redirects adservice.google.de www.google.de	2 KB
5	paypal.com 1 redirects b.stats.paypal.com dub.stats.paypal.com c.paypal.com	2 KB
4	google-analytics.com www.google-analytics.com	40 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	63 KB
3	smooch.io 5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io media.eu-1.smooch.io	15 KB
3	rlcdn.com 1 redirects idsync.rlcdn.com	1010 B
3	googleadservices.com www.googleadservices.com	33 KB
3	bing.com bat.bing.com	10 KB
3	paypalobjects.com www.paypalobjects.com	53 KB
3	googletagmanager.com www.googletagmanager.com	150 KB
2	stripe.network m.stripe.network	17 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	607 B
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	facebook.com www.facebook.com	460 B
2	adalyser.com c0.adalyser.com	13 KB
2	facebook.net connect.facebook.net	170 KB
2	fontawesome.com use.fontawesome.com	27 KB
1	krxd.net beacon.krxd.net	338 B
1	agkn.com aa.agkn.com	238 B
1	tremorhub.com partners.tremorhub.com	183 B
1	addthis.com x.dlx.addthis.com	191 B
1	rtactivate.com bpi.rtactivate.com	109 B
1	rezync.com 1 redirects live.rezync.com	786 B
1	serving-sys.com bs.serving-sys.com	105 B
1	media.net contextual.media.net	697 B
1	eyeota.net ps.eyeota.net	344 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	bluekai.com 1 redirects stags.bluekai.com	676 B
1	rfihub.net c1.rfihub.net	6 KB
1	hotjar.io vc.hotjar.io	257 B
1	googleapis.com fonts.googleapis.com	1 KB
1	googleoptimize.com www.googleoptimize.com	39 KB
186	44

	Domain	Requested by
39	donatenow.wfp.org	donatenow.wfp.org
15	q.stripe.com	donatenow.wfp.org
13	play.google.com	www.gstatic.com
12	js.stripe.com	donatenow.wfp.org js.stripe.com
7	cdn.sparkcentral.com	donatenow.wfp.org cdn.sparkcentral.com
6	libs.iraiser.eu	donatenow.wfp.org
5	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	js.stripe.com pay.google.com donatenow.wfp.org www.gstatic.com
4	p.rfihub.com	2 redirects donatenow.wfp.org
4	www.google.de	donatenow.wfp.org 10390555.fls.doubleclick.net
4	www.google.com	1 redirects donatenow.wfp.org
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com donatenow.wfp.org www.gstatic.com
3	idsync.rlcdn.com	1 redirects donatenow.wfp.org 5499309.fls.doubleclick.net
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	www.googleadservices.com	www.googletagmanager.com 10390555.fls.doubleclick.net www.googleadservices.com
3	c.paypal.com	www.paypalobjects.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com donatenow.wfp.org
3	5499309.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	www.paypalobjects.com	donatenow.wfp.org c.paypal.com
3	www.googletagmanager.com	donatenow.wfp.org www.googletagmanager.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io	cdn.sparkcentral.com
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects donatenow.wfp.org
2	sync.search.spotxchange.com	1 redirects donatenow.wfp.org
2	dsum-sec.casalemedia.com	1 redirects donatenow.wfp.org
2	dpm.demdex.net	1 redirects donatenow.wfp.org
2	ib.adnxs.com	1 redirects donatenow.wfp.org
2	cm.g.doubleclick.net	2 redirects
2	www.facebook.com	donatenow.wfp.org
2	10390555.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	adservice.google.com	5499309.fls.doubleclick.net 10390555.fls.doubleclick.net
2	c0.adalyser.com	donatenow.wfp.org
2	connect.facebook.net	donatenow.wfp.org connect.facebook.net
2	fh.mg.wfp.org	donatenow.wfp.org
2	monitoring.iraiser.eu	donatenow.wfp.org
2	use.fontawesome.com	donatenow.wfp.org use.fontawesome.com
1	media.eu-1.smooch.io	donatenow.wfp.org
1	m.stripe.com	m.stripe.network
1	r.stripe.com	js.stripe.com
1	beacon.krxd.net	5499309.fls.doubleclick.net
1	aa.agkn.com	5499309.fls.doubleclick.net
1	partners.tremorhub.com	5499309.fls.doubleclick.net
1	x.dlx.addthis.com	5499309.fls.doubleclick.net
1	bpi.rtactivate.com	5499309.fls.doubleclick.net
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	5499309.fls.doubleclick.net
1	contextual.media.net	5499309.fls.doubleclick.net
1	ps.eyeota.net	donatenow.wfp.org
1	pixel.rubiconproject.com	5499309.fls.doubleclick.net
1	stags.bluekai.com	1 redirects
1	a.rfihub.com	donatenow.wfp.org
1	20777079p.rfihub.com	c1.rfihub.net
1	c1.rfihub.net	5499309.fls.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.de	1 redirects
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	dub.stats.paypal.com	donatenow.wfp.org
1	b.stats.paypal.com	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	cdn.iraiser.eu	donatenow.wfp.org
1	services.iraiser.eu	donatenow.wfp.org
1	fonts.gstatic.com	fonts.googleapis.com
1	static.hotjar.com	donatenow.wfp.org
1	fonts.googleapis.com	donatenow.wfp.org
1	www.googleoptimize.com	donatenow.wfp.org
1	click.support.wfp.org	1 redirects
186	69

This site contains links to these domains. Also see Links.

Domain
www.wfp.org
www.iraiser.eu

Subject Issuer	Validity	Valid
donatenow.wfp.org Amazon	`2021-10-12` - `2022-11-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.iraiser.eu Amazon	`2021-05-03` - `2022-06-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
sparkcentral.com Amazon	`2021-08-29` - `2022-09-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2021-04-29` - `2021-12-13`	8 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.adalyser.com Thawte RSA CA 2018	`2021-06-11` - `2022-07-12`	a year	crt.sh
*.mg.wfp.org Amazon	`2021-05-21` - `2022-06-19`	a year	crt.sh
b.stats.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-03-13` - `2022-06-03`	2 years	crt.sh
c.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-06-24` - `2022-06-29`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.rfihub.net Sectigo RSA Domain Validation Secure Server CA	`2021-02-10` - `2022-02-10`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.eyeota.net R3	`2021-08-27` - `2021-11-25`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
bs.serving-sys.com Amazon	`2021-05-20` - `2022-06-18`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-04-26`	6 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
*.config.eu-1.smooch.io Sectigo RSA Domain Validation Secure Server CA	`2020-05-06` - `2022-05-06`	2 years	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
*.eu-1.smooch.io Amazon	`2021-03-31` - `2022-04-29`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Frame ID: 7F643C0B621C6672D3CA3C31823CFA98
Requests: 88 HTTP requests in this frame

Frame: https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Frame ID: D4416E79F6CD9BE9FE080C49DFBE69DB
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Frame ID: 21A8F146F380960BEA05E875CFE0F641
Requests: 1 HTTP requests in this frame

Frame: https://5499309.fls.doubleclick.net/activityi;dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
Frame ID: 47DB26369E64D9F0BD87F5A167A044C3
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Frame ID: 186773619AFD9643796CDBEFE79B6335
Requests: 1 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=&s=NWFP_N2N8PX8YHC7N6_BA
Frame ID: 84ED5CBAC933442827AD7E288AFA1534
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Frame ID: D7730AD63E3623AC1D92CAF6E73D7757
Requests: 4 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
Frame ID: C352FFA574C569BA8B03AD2C98AA8E0B
Requests: 1 HTTP requests in this frame

Frame: https://10390555.fls.doubleclick.net/activityi;dc_pre=CPqP8YTV2fMCFUchBgAdxbcKOA;src=10390555;type=rem0;cat=allp;ord=5774011831174;gtm=2odai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
Frame ID: 1BD85CE31E7584937368EB0F684A9BF3
Requests: 5 HTTP requests in this frame

Frame: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
Frame ID: F480B5D78F587D40789321F2120905D0
Requests: 2 HTTP requests in this frame

Frame: https://20777079p.rfihub.com/ca.html?ver=9&rb=27244&ca=20777079&_o=27244&_t=20777079&pe=https%3A%2F%2F5499309.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKmy6YTV2fMCFWTj5godXLIM7w%3Bsrc%3D5499309%3Btype%3Dsitev00%3Bcat%3Dwfpor0%3Bord%3D8655645789402%3Bgtm%3D2wgai0%3Bauiddc%3D1265078196.1634756099%3B%7Eoref%3Dhttps%253A%252F%252Fdonatenow.wfp.org%252Fwfp%252F%7Emy-donation%253Futm_jobid%253D%2526utm_source%253DAll%252520Subscribers%2526utm_campaign%253Dphone_update1%2526utm_medium%253Demail%2526utm_content%253DPhone%252Bcapture%252B-%252Bemail%252B1_356010%2526utm_cid%253D%2526utm_platform%253Dmarketingcloud&pf=https%3A%2F%2Fadservice.google.com%2F&ra=09431676812014333
Frame ID: 9605CF32735789E2675158B8E1E1F017
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html
Frame ID: 8DF6FDE9B06C1AE7D036ED029D8E38B6
Requests: 18 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html
Frame ID: BAEA8174863AA2EDC50989819FBDA621
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html
Frame ID: DDD581FC7E823AA5A4DC485AC2B79AF5
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: E0DED750BC5115DA83A7C6981D21DCF4
Requests: 16 HTTP requests in this frame

Frame: https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.css
Frame ID: 9EE25CA605CBC107F0A912A51B32AFEB
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: F0FD874377C4B89E7DAC41CB6EF2429B
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 09D81A4272327A84462F657CF2CD9730
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate Now | United Nations World Food Programme

Page URL History Show full URLs

https://click.support.wfp.org/?qs=3770cfff39a75c8d08e12a13c9ed9a88ba1861ea3886cb5e05c3748f73fe4159b1716c20... HTTP 302
https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_... Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

186
Requests

100 %
HTTPS

40 %
IPv6

44
Domains

69
Subdomains

57
IPs

7
Countries

3014 kB
Transfer

7627 kB
Size

54
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wfp.org/

Search URL Search Domain Scan URL

URL: https://www.iraiser.eu/en/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.support.wfp.org/?qs=3770cfff39a75c8d08e12a13c9ed9a88ba1861ea3886cb5e05c3748f73fe4159b1716c20b690e78f5062e3812bd3e41572060ff38d6bfcb800464eb1bc634bf4 HTTP 302
https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://5499309.fls.doubleclick.net/activityi;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud HTTP 302
https://5499309.fls.doubleclick.net/activityi;dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud

Request Chain 69

https://b.stats.paypal.com/v2/counter.cgi?p=&s=NWFP_N2N8PX8YHC7N6_BA HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=&s=NWFP_N2N8PX8YHC7N6_BA

Request Chain 80

https://10390555.fls.doubleclick.net/activityi;src=10390555;type=rem0;cat=allp;ord=5774011831174;gtm=2odai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud HTTP 302
https://10390555.fls.doubleclick.net/activityi;dc_pre=CPqP8YTV2fMCFUchBgAdxbcKOA;src=10390555;type=rem0;cat=allp;ord=5774011831174;gtm=2odai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud

Request Chain 87

https://adservice.google.de/ddm/fls/i/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud HTTP 302
https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud

Request Chain 98

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481751819/?random=815222260&cv=9&fst=1634756099690&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPqP8YTV2fMCFUchBgAdxbcKOA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D5774011831174%3Bgtm%3D2odai0%3Bauiddc%3D1265078196.1634756099%3B~oref%3Dhttps%253A%252F%252Fdonatenow.wfp.org%252Fwfp%252F~my-donation%253Futm_jobid%253D%2526utm_source%253DAll%252520Subscribers%2526utm_campaign%253Dphone_update1%2526utm_medium%253Demail%2526utm_content%253DPhone%252Bcapture%252B-%252Bemail%252B1_356010%2526utm_cid%253D%2526utm_platform%253Dmarketingcloud%3F&ref=https%3A%2F%2Fdonatenow.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=A2ZwYZjzKoPEgAfEp6iYDQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/481751819/?random=815222260&cv=9&fst=1634756099690&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPqP8YTV2fMCFUchBgAdxbcKOA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D5774011831174%3Bgtm%3D2odai0%3Bauiddc%3D1265078196.1634756099%3B~oref%3Dhttps%253A%252F%252Fdonatenow.wfp.org%252Fwfp%252F~my-donation%253Futm_jobid%253D%2526utm_source%253DAll%252520Subscribers%2526utm_campaign%253Dphone_update1%2526utm_medium%253Demail%2526utm_content%253DPhone%252Bcapture%252B-%252Bemail%252B1_356010%2526utm_cid%253D%2526utm_platform%253Dmarketingcloud%3F&ref=https%3A%2F%2Fdonatenow.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=A2ZwYZjzKoPEgAfEp6iYDQ&cid=CAQSKQCNIrLM9HR5DgAY2HtBMiUxZ12MK_Ji7lduDoRGhE4blqvWQiO18rJc&random=1899366917&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/481751819/?random=815222260&cv=9&fst=1634756099690&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPqP8YTV2fMCFUchBgAdxbcKOA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D5774011831174%3Bgtm%3D2odai0%3Bauiddc%3D1265078196.1634756099%3B~oref%3Dhttps%253A%252F%252Fdonatenow.wfp.org%252Fwfp%252F~my-donation%253Futm_jobid%253D%2526utm_source%253DAll%252520Subscribers%2526utm_campaign%253Dphone_update1%2526utm_medium%253Demail%2526utm_content%253DPhone%252Bcapture%252B-%252Bemail%252B1_356010%2526utm_cid%253D%2526utm_platform%253Dmarketingcloud%3F&ref=https%3A%2F%2Fdonatenow.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=A2ZwYZjzKoPEgAfEp6iYDQ&cid=CAQSKQCNIrLM9HR5DgAY2HtBMiUxZ12MK_Ji7lduDoRGhE4blqvWQiO18rJc&random=1899366917&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 103

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkxODc3ODY2NDYwOA==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEBAjsWL-4B0z30QTUps0jaY&google_cver=1

Request Chain 104

https://ib.adnxs.com/setuid?entity=18&code=5140084918778664608 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084918778664608

Request Chain 105

https://stags.bluekai.com/site/4722?id=5140084918778664608&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 107

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084918778664608&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084918778664608&redir=

Request Chain 108

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5140084918778664608&bid=omt9pi0

Request Chain 111

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084918778664608&referrer=https%3A%2F%2Fadservice.google.com%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=2434ecb6-bb91-4955-8b0b-22e1aa3342e1%3A1634756099.97&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D2434ecb6-bb91-4955-8b0b-22e1aa3342e1%253A1634756099.97 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=2434ecb6-bb91-4955-8b0b-22e1aa3342e1%3A1634756099.97 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEnQOZmuKwjom1eQzhaVQqY&google_cver=1

Request Chain 113

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084918778664608&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084918778664608&forward=&C=1

Request Chain 116

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084918778664608&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084918778664608&img=1&__user_check__=1&sync_id=39df641f-31d7-11ec-b95e-1891fad20306

Request Chain 120

https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084918778664608&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084918778664608&expires=30

Request Chain 121

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YXBmBAAKn1PFrgAT HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YXBmBAAKn1PFrgAT&_test=YXBmBAAKn1PFrgAT

186 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ~my-donation Show response
donatenow.wfp.org/wfp/
Redirect Chain

https://click.support.wfp.org/?qs=3770cfff39a75c8d08e12a13c9ed9a88ba1861ea3886cb5e05c3748f73fe4159b1716c20b690e78f5062e3812bd3e41572060ff38d6bfcb800464eb1bc634bf4
https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marke...

155 KB
155 KB

470ms
382ms

Document
text/html

2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

691a11e6c78d040bc3a0fd771288b7b5856a35f8c94c9a5cf986687967a5931c

Security Headers

Name	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

:method: GET
:authority: donatenow.wfp.org
:scheme: https
:path: /wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=UTF-8
date: Wed, 20 Oct 2021 18:54:58 GMT
server: nginx
x-xss-protection: 1
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7; path=/; SameSite=None; Secure
x-frame-options: sameorigin
x-cache: Miss from cloudfront
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8O2IjXCxZeJBdip2Aj9lzMxrQwKZTwjk3Hduevqy9M2e6Y9JFBg-4A==

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud#once
Date: Wed, 20 Oct 2021 18:54:57 GMT
Connection: close
Content-Length: 352

GET
H2 200 style_v2.css
donatenow.wfp.org/themes/default/css/ 17 KB
4 KB 70ms
69ms Stylesheet
text/css 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/themes/default/css/style_v2.css?v=8.1
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c342f1a386b2afb1fe2706298e46b870d79e74fa5753fb29b0edf5d44d9f8f2d

Request headers

:path: /themes/default/css/style_v2.css?v=8.1
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:58 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 14:55:42 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"610aaa6e-42bd"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-id: Fn9R0PEkKVdtapXuWXO4BHAGs1CyVDfU2CLGJx3mlI-McHn02TsKLw==

GET
H2 200 jquery-1.11.2.min.js Show response
donatenow.wfp.org/themes/default/js/ 94 KB
33 KB 129ms
127ms Script
application/javascript 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/themes/default/js/jquery-1.11.2.min.js
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

:path: /themes/default/js/jquery-1.11.2.min.js
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 14:55:42 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"610aaa6e-176bb"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-id: uwS_tfTBe77FxO2Z-gQfq_V67ixD4pt2H2ewCG_NFiTyd-8QJ0Z2jQ==

GET
H2 200 jquery.cookie-1.0.min.js Show response
donatenow.wfp.org/themes/default/js/ 994 B
1 KB 96ms
94ms Script
application/javascript 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/themes/default/js/jquery.cookie-1.0.min.js
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 64e56836e083250c795d6fc4fd222f30841bb90de0dcef675bb81c44d2f96e12

Request headers

:path: /themes/default/js/jquery.cookie-1.0.min.js
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Wed, 04 Aug 2021 14:55:42 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "610aaa6e-3e2"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 994
x-amz-cf-id: MC0JvMyYF9cvqNetJIqdVKztkpGkzv34kl2iADck0L1WovXcO59Esg==

GET
H2 200 dnterrors.min.js Show response
donatenow.wfp.org/themes/default/js/ 2 KB
990 B 101ms
100ms Script
application/javascript 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/themes/default/js/dnterrors.min.js?v=8
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 94ee0e97215c8f1db64eeb3e1948eefb73a8c5a1c4aead335ac2cc37374a4409

Request headers

:path: /themes/default/js/dnterrors.min.js?v=8
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 14:55:42 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"610aaa6e-6b7"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-id: FANYTsJHMOgdfAJLttyQM_ZZJTWNH2WPBZ1WVO7sSFPQujGZ-cJN6Q==

GET
H2 200 step1.min.js Show response
donatenow.wfp.org/themes/default/js/ 12 KB
3 KB 110ms
109ms Script
application/javascript 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/themes/default/js/step1.min.js?v=12
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 29594823876415cb4ecfa5e2bb4d37023b64885eeaa62e4492a111affb232753

Request headers

:path: /themes/default/js/step1.min.js?v=12
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 14:55:42 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"610aaa6e-2ed5"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-id: KHOUddB6_E4cSJ4FLMBXJR1K4VBDCFkhqQzdO2YigqW9LMkBwzVd1A==

GET
H2 200 step2.min.js Show response
donatenow.wfp.org/themes/default/js/ 5 KB
2 KB 108ms
106ms Script
application/javascript 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/themes/default/js/step2.min.js?v=11
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2fa68e2a1ef3f927db2fa132bd16829cbe7006407ddeb9ade3386302ec5d916e

Request headers

:path: /themes/default/js/step2.min.js?v=11
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 14:55:42 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"610aaa6e-1229"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-id: BW0b2ufZy-qAIerq3G6ojq21HkEgdD-P2stFhFoW3v3GYxWZMyStMg==

GET
H2 200 step3.min.js Show response
donatenow.wfp.org/themes/default/js/ 7 KB
2 KB 101ms
100ms Script
application/javascript 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/themes/default/js/step3.min.js?v=12
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bfeeb0cfe1e95bd5580361539cf045873d0416a3f997379bc839e641fdb8200

Request headers

:path: /themes/default/js/step3.min.js?v=12
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 14:55:42 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"610aaa6e-1c95"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-id: y_MDL-74dD9unYj7cHfNUJ_OOQxC4DbhLLhPul-BsOiHi31JnQFsTg==

GET
H2 200 steps.min.js Show response
donatenow.wfp.org/themes/default/js/ 5 KB
2 KB 124ms
123ms Script
application/javascript 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/themes/default/js/steps.min.js?v=11
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 271445b6d501e282c8d000e41e1a7bd7c88812bd83ca70b65a4745763669347b

Request headers

:path: /themes/default/js/steps.min.js?v=11
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 14:55:42 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"610aaa6e-1268"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-id: zXLYT2oL-KcOG8szG2wD0MoY5Rib71TKsybEQoi6muYlANoL1QEpHg==

GET
H2 200 jquery.ir-priceinput.min.js Show response
donatenow.wfp.org/themes/default/js/ 428 B
738 B 89ms
88ms Script
application/javascript 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/themes/default/js/jquery.ir-priceinput.min.js
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fb3dab6d97df8490b2eed9a51459e8ed4583057083f714008f1c796b368ffded

Request headers

:path: /themes/default/js/jquery.ir-priceinput.min.js
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Wed, 04 Aug 2021 14:55:42 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "610aaa6e-1ac"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 428
x-amz-cf-id: ymJxn4Yl9SLoMVRCFczToQiX5C3AisycBWYqHksOnKTkE2krrviLoA==

GET
H2 200 common.min.js Show response
donatenow.wfp.org/themes/default/js/ 6 KB
3 KB 104ms
104ms Script
application/javascript 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/themes/default/js/common.min.js?v=9.1
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 95132142758c3802f71cb348e8d11f420787539067e6fe823310742754ebcde6

Request headers

:path: /themes/default/js/common.min.js?v=9.1
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 14:55:42 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"610aaa6e-19de"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-id: saHX-1RTGksZiAvZBLsL1zZpYK6m3LrXw0jDeFmAM5J-ac4KONXEKA==

GET
H2 200 jquery-ui.min.css
donatenow.wfp.org/libs.iraiser.eu/libs/jquery/jquery-ui-1.12.1/ 31 KB
8 KB 13ms
13ms Stylesheet
text/css 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/libs.iraiser.eu/libs/jquery/jquery-ui-1.12.1/jquery-ui.min.css
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Request headers

:path: /libs.iraiser.eu/libs/jquery/jquery-ui-1.12.1/jquery-ui.min.css
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:51:19 GMT
content-encoding: gzip
server: nginx
age: 219
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P4 FRA50-C1
x-amz-cf-id: sl7-_G68y-mdnCZ2JQ8DOMgsBsFdLeIuyojn8uGcNxGXd3aIxfmqsw==
via: 1.1 3431ec594cac61983aae2d9ffaf23981.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-ui.min.js Show response
donatenow.wfp.org/libs.iraiser.eu/libs/jquery/jquery-ui-1.12.1/ 248 KB
67 KB 14ms
13ms Script
application/x-javascript 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/libs.iraiser.eu/libs/jquery/jquery-ui-1.12.1/jquery-ui.min.js
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

:path: /libs.iraiser.eu/libs/jquery/jquery-ui-1.12.1/jquery-ui.min.js
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:29:24 GMT
content-encoding: gzip
server: nginx
age: 1534
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-C1 FRA50-C1
x-amz-cf-id: h7JL89mryWpk3YlApzWrOXwHVSz8oL1hHAeNdtrf6x0bOoHJUeKQCQ==
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.mask.min.js Show response
donatenow.wfp.org/libs.iraiser.eu/libs/jquery/mask/ 8 KB
4 KB 16ms
15ms Script
application/x-javascript 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/libs.iraiser.eu/libs/jquery/mask/jquery.mask.min.js
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e

Request headers

:path: /libs.iraiser.eu/libs/jquery/mask/jquery.mask.min.js
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:53:30 GMT
content-encoding: gzip
server: nginx
age: 88
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P4 FRA50-C1
x-amz-cf-id: cKIFm2DmeL7T-Ut_JHD5JofKB3xhqdf2nMQyD3IFWCjlVQajaf01qQ==
via: 1.1 71c4b07776e0b6812900664940c9d7a7.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.js Show response
donatenow.wfp.org/libs.iraiser.eu/users/wfp/v2/ 30 KB
7 KB 13ms
13ms Script
application/x-javascript 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/libs.iraiser.eu/users/wfp/v2/script.js?v=7
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 668ee46bd31946cdb7479e102b234d719c31b8abbddc8f8c99ed7a9f92e92b1a

Request headers

:path: /libs.iraiser.eu/users/wfp/v2/script.js?v=7
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:24:48 GMT
content-encoding: gzip
server: nginx
age: 1810
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P4 FRA50-C1
x-amz-cf-id: BKZIx50cyYWwk2Vtom4MaLwFYpXzu-cjCjguuygDnxn2DZ3OkY9s_g==
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
donatenow.wfp.org/libs.iraiser.eu/users/wfp/v2/ 56 KB
9 KB 15ms
15ms Stylesheet
text/css 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/libs.iraiser.eu/users/wfp/v2/styles.css?v=6
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 79a2e7a05e21cec157368e563197cf48a9f34ec9ee61929793458bc6344ae918

Request headers

:path: /libs.iraiser.eu/users/wfp/v2/styles.css?v=6
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:16:24 GMT
content-encoding: gzip
server: nginx
age: 2314
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P4 FRA50-C1
x-amz-cf-id: 3PDSkLFyP0MvZGWzBXy9i-UQWpdSMRQQcFN3YkzT7PbndYTcqzPw0Q==
via: 1.1 8a6f67a9421de326f43e9107751b580f.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
donatenow.wfp.org/libs.iraiser.eu/users/wfp/rtl/ 3 KB
1 KB 20ms
20ms Stylesheet
text/css 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/libs.iraiser.eu/users/wfp/rtl/styles.css
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d3d72116ba00f366e9d8070e0dc9f4b8541af3293f38e3eb4ca28b80f09f279

Request headers

:path: /libs.iraiser.eu/users/wfp/rtl/styles.css
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:03:10 GMT
content-encoding: gzip
server: nginx
age: 3108
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P4 FRA50-C1
x-amz-cf-id: mGV9ZNba57ekq3-FkH4j39cVnrsHyWS6oCayI9_0u_kOWepxvQ1Hpg==
via: 1.1 e37b7824685046c107e13d08c43993fd.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 101 KB
39 KB 54ms
19ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-P2GL7X7

Requested by

Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

335b0b4acdc0025ae0786d69882b45d5a1b32c7c415bcf10da482c5625c07c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 39053
x-xss-protection: 0
expires: Wed, 20 Oct 2021 18:54:59 GMT

GET
H2 200 UNWFPlogoregularwhite.png
donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/ 16 KB
17 KB 17ms
17ms Image
image/png 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/UNWFPlogoregularwhite.png
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2edf92695c21ee693df426746e4603819d9a141e178bc0f4274baaba9a7f8409

Request headers

:path: /cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/UNWFPlogoregularwhite.png
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:01:43 GMT
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 3196
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA2-C1 FRA50-C1
accept-ranges: bytes
content-length: 16742
x-amz-cf-id: HT9O1qXaJFMULN4XNJC8rqcwz711EAg7K1R5Q4OjrXpCXWlV6liWZA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foodcrisisPPRG1.jpg
donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/ 15 KB
15 KB 16ms
16ms Image
image/jpeg 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/foodcrisisPPRG1.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a58d6be5e186b923069a861e90554b70ccc29c2230aae0508c795b90c688a19

Request headers

:path: /cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/foodcrisisPPRG1.jpg
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:25:19 GMT
via: 1.1 0162e02b2d0212054988a68716227dab.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 1780
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P5 FRA50-C1
accept-ranges: bytes
content-length: 15425
x-amz-cf-id: xwBU8Q9YC6d7n5V6X7oEH9pV_s250va_7d2DupFo_lp1F7RuOytv-A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1-copia.jpg
donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/ 7 KB
7 KB 10ms
10ms Image
image/jpeg 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/1-copia.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bfa8e89f28b7fa5be746724da9edb3f78aff08de2200515295895f9092257c4

Request headers

:path: /cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/1-copia.jpg
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:25:20 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 1779
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA6-C1 FRA50-C1
accept-ranges: bytes
content-length: 6943
x-amz-cf-id: 0IDJdmpprs2PJnhKWqnFRMQ_8ZorxNvaRmxKe8XlqZ82Y7ZqtvkBHA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foodcrisisPPRG3.jpg
donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/ 15 KB
15 KB 8ms
8ms Image
image/jpeg 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/foodcrisisPPRG3.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5976d0a05eb9aa0dc19984b73efeaaf47943d043a0a882a45db94b100f89e96c

Request headers

:path: /cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/foodcrisisPPRG3.jpg
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:25:20 GMT
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 1779
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA6-C1 FRA50-C1
accept-ranges: bytes
content-length: 15099
x-amz-cf-id: hUuiq4IbX86uSCxWw8ZwZUk4kXRc__NX5UhPde-AKlFZ0V6lMNOfTA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foodcrisisPPSG1.jpg
donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/ 15 KB
16 KB 10ms
10ms Image
image/jpeg 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/foodcrisisPPSG1.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e6cc563070d6a74adcc945037fc29f5b4c2f705b634fae9fc49f5964d581f0b

Request headers

:path: /cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/foodcrisisPPSG1.jpg
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:25:20 GMT
via: 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 1779
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P5 FRA50-C1
accept-ranges: bytes
content-length: 15491
x-amz-cf-id: _EOihBt_dgtaEl-KjWYwmj72l9V5ZJYA2wAjy8DOQUcor-qCpAXWcA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foodcrisisPPSG2.jpg
donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/ 15 KB
15 KB 9ms
9ms Image
image/jpeg 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/foodcrisisPPSG2.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f423bd8bedcf5444b7e59617a14a4c29818278fe7235366ed3bf85a87a1ee71

Request headers

:path: /cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/foodcrisisPPSG2.jpg
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:01:45 GMT
via: 1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 3194
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P5 FRA50-C1
accept-ranges: bytes
content-length: 15281
x-amz-cf-id: mdjPnulQwpoCHkTvZSOSczyMzdiBFu-Sx7koD5NEhKl13IQzsbxPgg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foodcrisisPPSG3.jpg
donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/ 14 KB
15 KB 11ms
10ms Image
image/jpeg 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/foodcrisisPPSG3.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 81db3aaae89ef616da34ae600900ed31097ffbb81177f9fdf7cdcf1667b41370

Request headers

:path: /cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/pricelist_item/foodcrisisPPSG3.jpg
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:25:20 GMT
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd53.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 1779
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P5 FRA50-C1
accept-ranges: bytes
content-length: 14832
x-amz-cf-id: EjyOImW38kz193Ajl2tR0RccgElzX3e7IDMeVvB3kEmLyzkDbyPleg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 powered-by-iraiser.png
donatenow.wfp.org/libs.iraiser.eu/design/powered-by/v1/ 2 KB
2 KB 10ms
9ms Image
image/png 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/libs.iraiser.eu/design/powered-by/v1/powered-by-iraiser.png
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 27f4af2dd922b70eb219d7ab51ca7f6b0eedb7664bc9c077b62b5859aaa93cdb

Request headers

:path: /libs.iraiser.eu/design/powered-by/v1/powered-by-iraiser.png
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:14:31 GMT
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 2428
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P4 FRA50-C1
accept-ranges: bytes
content-length: 1780
x-amz-cf-id: 5rOcx-zCMO8m2MRZ5IIQ8ZSEHDNY8pRHQUF4g7MAAwLMU6zjgpEl8w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 reset-fonts.css
donatenow.wfp.org/themes/default/css/core/ 1 KB
925 B 95ms
94ms Stylesheet
text/css 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/themes/default/css/core/reset-fonts.css
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/themes/default/css/style_v2.css?v=8.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c40e247365d8a712662ee4991f0a78a379be4dc429f8a85dba0a27e7764410e9

Request headers

:path: /themes/default/css/core/reset-fonts.css
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/themes/default/css/style_v2.css?v=8.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/themes/default/css/style_v2.css?v=8.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 14:55:42 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"610aaa6e-417"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-id: fbPDoF14qXt4xdDMbEOKqQ2Sz9B6pKGq4nNsIECCj8Z6j-Vw038bJg==

GET
H2 200 grids.css
donatenow.wfp.org/themes/default/css/core/ 498 B
798 B 96ms
96ms Stylesheet
text/css 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/themes/default/css/core/grids.css
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/themes/default/css/style_v2.css?v=8.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1306483c1bea5b5c8b2c56d7ce711ef794860241a74f27bb20bb99ac04bb9ca0

Request headers

:path: /themes/default/css/core/grids.css
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/themes/default/css/style_v2.css?v=8.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/themes/default/css/style_v2.css?v=8.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Wed, 04 Aug 2021 14:55:42 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: "610aaa6e-1f2"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 498
x-amz-cf-id: N5m0R1ZzH-QXWvNdrK0yYgaXp9rTtcgPFdKioXaxJP8pzroLQkLNUw==

GET
H2 200 grids-mqueries_v2.css
donatenow.wfp.org/themes/default/css/core/ 5 KB
1 KB 98ms
98ms Stylesheet
text/css 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/themes/default/css/core/grids-mqueries_v2.css
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/themes/default/css/style_v2.css?v=8.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d6d9e026c3e3271569129f404d097c232122f9c2728ae25357561ca6a63b4f6

Request headers

:path: /themes/default/css/core/grids-mqueries_v2.css
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/themes/default/css/style_v2.css?v=8.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/themes/default/css/style_v2.css?v=8.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 14:55:42 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"610aaa6e-1261"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-id: mUvEiigLzUXHumqLhgcSpWfQUxnGdaSkz7GWR7Kz90PXPNkG4Rox2Q==

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Requested by

Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/libs.iraiser.eu/users/wfp/v2/styles.css?v=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17fbf18baa0557422fe5fda097999d5c1695e244d23f9945273a5e11a6a6aedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 17:29:04 GMT
server: ESF
date: Wed, 20 Oct 2021 18:54:59 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 20 Oct 2021 18:54:59 GMT

GET
H2 200 select2.min.css
libs.iraiser.eu/libs/forms/select2/css/ 15 KB
2 KB 68ms
8ms Stylesheet
text/css 2600:9000:2156:f000:b:6b6b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.iraiser.eu/libs/forms/select2/css/select2.min.css
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/libs.iraiser.eu/users/wfp/v2/styles.css?v=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f000:b:6b6b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6657a7d3ac4506ce3b0ca9234df4f63b6bff8e94e92f21f9d77921b166fc6925

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:05:39 GMT
content-encoding: gzip
server: nginx
age: 2960
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KvU7ZEUS5oyNZq46_iaQEcK7dNFZ9dy2ApO9r3YIbtZdwi--UBluMQ==
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
13 KB 33ms
15ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/libs.iraiser.eu/users/wfp/v2/styles.css?v=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9154057
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: MWF8CF51NSW0WBXQ
x-amz-id-2: lrwe5usI2tzd9fjttEe2UKWOXojUyS59w1kjtmp76mGPz3cynfOMlQzTUumDapejw+2JS8BnHo4=
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
server: cloudflare
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4Ln%2B4YPuop1mKRvqo%2BQZdvootUpW%2BMQdm81sPlz%2BpatjfSeIqA5nrQWLO4EQovhYofaitfo2rRIaT9Jy8AJ5%2FcVj8G6KzDgWmuhODiz5hNHa1M9Ap9VosR61wjin7rHR4GVY94xLcIqJbj6yWme6tLz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6a147533cbf905fd-FRA

GET
H2 200 hotjar-2048364.js Show response
static.hotjar.com/c/ 4 KB
2 KB 28ms
8ms Script
application/javascript 143.204.98.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2048364.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.76 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-76.fra50.r.cloudfront.net

Software

Resource Hash

57023a9992c0eb9eb5f8f438481263ca015f647d74b703eb972362e8aba11281

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:20 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 39
etag: W/24c03e07f7d23c539f7cd2a20f57bab7
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA50-C1
content-length: 1909
via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
x-amz-cf-id: q8AAwEjMKnZwHEyLPljRLU9c6czxr99O242s6IPlO3JnxcxVsKqi8g==

GET
H2 200 loader.json Show response
cdn.sparkcentral.com/rtm/web/1.25.7/ 80 B
604 B 55ms
10ms XHR
application/json 2600:9000:2156:c600:14:56a0:4680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/loader.json
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c600:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9909925d4ab51d22ae9bab97f369a550542efa7ed88b3282980b8ce816d16677

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 07:02:20 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
age: 42760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-meta-lastmodified: 2020-03-16 15:17:38 +0000 UTC
content-length: 80
last-modified: Fri, 19 Feb 2021 16:46:29 GMT
server: AmazonS3
etag: "f404840dc69a65c5380c1f11207d1c15"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: TrKGsnqaRFOeu6ZkT9WbFocTZnlCiZOK3ITdm4NvMVQHUlyXWQvysw==

GET
H2 200 error.css
monitoring.iraiser.eu/ 8 B
275 B 105ms
66ms Stylesheet
text/css 2600:9000:2156:6000:5:e00c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://monitoring.iraiser.eu/error.css?z=0.43859151069815994&cid=donatenow.wfp.org%2F7495428627.1634756099&t=event&ec=JSError&ev=1&ea=%2FWFPR%2Fb%3Asteps%2Fcid%3D1%2Finline&el=Uncaught%20TypeError%3A%20Cannot%20set%20properties%20of%20null%20(setting%20%27onclick%27)%3B%20Stack%3A%20TypeError%3A%20Cannot%20set%20properties%20of%20null%20(setting%20%27onclick%27)%0A%20%20%20%20at%20%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud%3A464%3A46.%20%3E%20inline%3A464%3A46
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6000:5:e00c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f04d6f4e31655290294a18aff5e6d9174a2990f5550f1939f59c41f8cb451073

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
server: CloudFront
age: 16825
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
content-length: 8
x-amz-cf-id: ecTd7NA6JBKdX6kBaYySlO0UPzD_FSzU16FIffw9dez7UXpII8A3cA==

GET
H2 200 genericbackground.jpg
donatenow.wfp.org/cdn.iraiser.eu/CMtktXtXB9PisWSC3vcC/Q==/default/origin/ 94 KB
95 KB 10ms
10ms Image
image/jpeg 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/cdn.iraiser.eu/CMtktXtXB9PisWSC3vcC/Q==/default/origin/genericbackground.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d8878b337774bb88da6b9c6c350d9aaad1bc0d7d2fa065e1c521dfc5b27cda18

Request headers

:path: /cdn.iraiser.eu/CMtktXtXB9PisWSC3vcC/Q==/default/origin/genericbackground.jpg
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:23:06 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 1913
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA6-C1 FRA50-C1
accept-ranges: bytes
content-length: 96631
x-amz-cf-id: 2MTTIF3zeDWqs8N3YIw7gcmGFQfB8nULfYVwdCHpqxsIfC183gvHJQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donatenow.wfp.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:04:31 GMT
x-content-type-options: nosniff
age: 525028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 14 Oct 2022 17:04:31 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 264 KB
70 KB 705ms
661ms Script
application/javascript 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.52 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-52.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

810c4ec2fd4b4ac9ca638fbebd651512e2d13a6e4f1aecb461d43ce06f391130

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:55:00 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: V4GTTY9H7WQ1SH89
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-id-2: 3lrVpAkkOWErGGCvryreHL2xB4PskTnfz8s0PebAzBVcSP+j2kfkNwCkqzjP1G22o1ppev6B+Ww=
last-modified: Tue, 19 Oct 2021 22:04:33 GMT
server: AmazonS3
etag: W/"162d95aadbf0d6bd433739b5c2433fea"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: ASAMUMftY5gnau5ZjGS0jl4FRYWck68PLvIWU1hsmuAqiITgRfaSXw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 234 KB
75 KB 52ms
29ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

803ddd7188e0fbbc0bdde5e0b1582584d89f0befdb1f55f1fb0a092563722a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76537
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 18:17:07 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Oct 2021 18:54:59 GMT

GET
H2 200 check.css
monitoring.iraiser.eu/ 8 B
274 B 66ms
51ms Stylesheet
text/css 2600:9000:2156:6000:5:e00c:b700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://monitoring.iraiser.eu/check.css?z=0.37075683221446165&cid=donatenow.wfp.org%2F7495428627.1634756099&dl=https%3A%2F%2Fdonatenow.wfp.org%2FWFPR%2Fb%3Asteps%2Fcid%3D1&sc=start&dr=https%3A%2F%2Fdonatenow.wfp.org&cd=2021-10-20%3A20.54.58-61706602af49d&dt=donatenow.wfp.org%2Fdonations&ul=en-EN&ds=web
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6000:5:e00c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f04d6f4e31655290294a18aff5e6d9174a2990f5550f1939f59c41f8cb451073

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
server: CloudFront
age: 74025
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
content-length: 8
x-amz-cf-id: 03yb2JtaKGKrqtoERi_f32NZGizW3-EXvRD--QxEaIblfe43dggwmw==

GET
H2 200 mastercard-radius.png
libs.iraiser.eu/images/pictos/ 2 KB
2 KB 10ms
10ms Image
image/png 2600:9000:2156:f000:b:6b6b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libs.iraiser.eu/images/pictos/mastercard-radius.png
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/libs.iraiser.eu/users/wfp/v2/styles.css?v=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f000:b:6b6b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e687c549464afcc13137cecba3a33713f79921944f5b730eb01a39264e34a311

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:24:34 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: nginx
age: 1825
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1990
x-amz-cf-id: 2cMq_BM9dnICCyNss-MOSsd1okQw33qXDUZftkA_dl_yPLLkSgN6Kg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 visa-radius.png
libs.iraiser.eu/images/pictos/ 6 KB
7 KB 10ms
9ms Image
image/png 2600:9000:2156:f000:b:6b6b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libs.iraiser.eu/images/pictos/visa-radius.png
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/libs.iraiser.eu/users/wfp/v2/styles.css?v=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f000:b:6b6b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c07d37147a78a0db0d149a563ec24f9ea233153a4f08bea22f0f778fbfd7f149

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:14:47 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: nginx
age: 2412
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 6434
x-amz-cf-id: lQRsJP6KBuCTWXgGAWIebxiyNaSsaihP1MmIzTNDa6UApIuO3gkHng==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 maestro-radius3.png
libs.iraiser.eu/images/pictos/ 2 KB
2 KB 11ms
10ms Image
image/png 2600:9000:2156:f000:b:6b6b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libs.iraiser.eu/images/pictos/maestro-radius3.png
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/libs.iraiser.eu/users/wfp/v2/styles.css?v=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f000:b:6b6b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bd347265d76c0ad95c4089c2264171c982f57515a3c3711e6484d20d4fd98be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:53:32 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: nginx
age: 87
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1993
x-amz-cf-id: hiu60Z5AKaRLSG3JphrqJEGzlEW3TAhH9VEg_YHaWNHfFnDXb2LZQA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_paypal.png
libs.iraiser.eu/images/pictos/ 8 KB
9 KB 14ms
13ms Image
image/png 2600:9000:2156:f000:b:6b6b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libs.iraiser.eu/images/pictos/logo_paypal.png
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/libs.iraiser.eu/users/wfp/v2/styles.css?v=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f000:b:6b6b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c3ae9577af023ddc4be33f0ef162a0e5054e42b6f097eb33f55b24b29ea10457

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:45:10 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: nginx
age: 589
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 8410
x-amz-cf-id: I-4_C_2yAIDEo5TO3TXZKG5S4BYRwlhUx9xoF77JXuZY-XtIqVJK3g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 13 KB
14 KB 36ms
17ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f

Request headers

Referer: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin: https://donatenow.wfp.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3254778
cf-ray: 6a1475347cb6d721-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13552
x-amz-id-2: iM6PFBoamzM+Dn9LQV+4oZWFRlZPntda2CJSD1bMV4fUnrq0aPpKDNFY4bhl2gOzBdT5qtOVSnE=
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
server: cloudflare
etag: "e6257a726a0cf6ec8c6fec22821c055f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGfA7FL4n8%2BzASJJtfBBhLGX7X7gMB8EyxHT0ClGPDayzuYuXWnhg65dGi8HG7DRUhLotREr4kfig6Z5GYlerzXjdt4fXKMheWNMxPohZ99JFUjnLoU%2FqCJ32rJp6TbZ7YUat0FLgqkXToXnnXSAvt8Y"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: YN69HYHX52RDYHYS
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 geoip.jsonp Show response
services.iraiser.eu/geoip/api/v1/ 138 B
446 B 101ms
42ms Script
application/javascript 2600:9000:2156:ce00:4:3241:ce00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.iraiser.eu/geoip/api/v1/geoip.jsonp?_=1634756099129
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/themes/default/js/jquery-1.11.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ce00:4:3241:ce00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 1e19112303463753d5f2da7d3f30953b37b2a0af36789967992639d7d704f155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: UTF-8
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0
content-length: 138
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-id: 2532jMRBjWaupPXhbxSbLnHnznkGYmYNwu_dRZlVh_AtIKO2ZnYYcg==

GET
H2 200 select2.full.min.js Show response
libs.iraiser.eu/libs/forms/select2/js/ 70 KB
20 KB 18ms
17ms Script
application/x-javascript 2600:9000:2156:f000:b:6b6b:1200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.iraiser.eu/libs/forms/select2/js/select2.full.min.js?_=1634756099130
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/themes/default/js/jquery-1.11.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f000:b:6b6b:1200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 249e5b8d94463770e790d8f77f3be78c5eaf988b1620aec32ade2c34340b0563

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000, public
x-amz-cf-id: aAFnFuPxdYV-7dt8D11vNbSQ0eA2SUTEQoBTS_-aZ_mi_satgq2qTA==
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 intlTelInput.min.css
donatenow.wfp.org/libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/css/ 20 KB
4 KB 11ms
10ms Stylesheet
text/css 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/css/intlTelInput.min.css
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/themes/default/js/jquery-1.11.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e5c66df4d25b6035eb85283a55895ff19cf2ff05484d01da2558b87ec0caa16b

Request headers

:path: /libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/css/intlTelInput.min.css
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:52:38 GMT
content-encoding: gzip
server: nginx
age: 141
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA2-C2 FRA50-C1
x-amz-cf-id: ZHAxQQHX6OyIVEey5NIyzox3iO4C_vU1Q--tU0oN4zM13p6Zfzi8iA==
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 intlTelInput.min.js Show response
donatenow.wfp.org/libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/js/ 27 KB
10 KB 51ms
51ms XHR
application/x-javascript 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/js/intlTelInput.min.js?_=1634756099131
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/themes/default/js/jquery-1.11.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6a4ba476cccf999aebf81ed516173f4e34a7867333195283ab64f33c5cfcd58f

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
:path: /libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/js/intlTelInput.min.js?_=1634756099131
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-P4 FRA50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000 public
x-amz-cf-id: lw0-I4CIww_obgEFCgOeQYbe93kpopauSjO-PRo4MgbSHYzXh_D8cg==
via: 1.1 f2c65205154aaf89a2c7bbc8fe8fdabb.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fb-all-prod.pp.min.js Show response
www.paypalobjects.com/webstatic/r/fb/ Frame D441 57 KB
18 KB 39ms
7ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eb16d80daecb92f5a56606ad94672c3a8aebb683319084407c36b181754aeb83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 1755cf4afaf57
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 18004
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10079-SJC, cache-fra19174-FRA
last-modified: Sat, 13 Feb 2021 00:30:01 GMT
x-timer: S1634756099.362237,VS0,VE1
etag: W/"60271d89-e293"
strict-transport-security: max-age=31557600
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 16226, 2

GET
H2 200 fb-all-prod.pp.min.js Show response
www.paypalobjects.com/webstatic/r/fb/ Frame 21A8 57 KB
18 KB 41ms
12ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eb16d80daecb92f5a56606ad94672c3a8aebb683319084407c36b181754aeb83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 1755cf4afaf57
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 18004
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10079-SJC, cache-fra19174-FRA
last-modified: Sat, 13 Feb 2021 00:30:01 GMT
x-timer: S1634756099.362390,VS0,VE1
etag: W/"60271d89-e293"
strict-transport-security: max-age=31557600
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 16226, 2

GET
H2 200 foodcrisisPPRG1.jpg
donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/ 72 KB
73 KB 12ms
11ms Image
image/jpeg 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/foodcrisisPPRG1.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 50b311e58b8ce97f4dd5b95e510764a9cadc6699795068aa43e699db28842116

Request headers

:path: /cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/foodcrisisPPRG1.jpg
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:25:21 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 1778
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA2-C1 FRA50-C1
accept-ranges: bytes
content-length: 74236
x-amz-cf-id: URETSwkDNbSEruHtz96KIzsyxpE93CTnHTjQV4yPjQA7muIEDY0Qqg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1-copia.jpg
donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/ 27 KB
27 KB 22ms
21ms Image
image/jpeg 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/1-copia.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 037dc6f1377075393c6ec101347ace1b4579d2a451f505a221ddb1896d8f546a

Request headers

:path: /cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/1-copia.jpg
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:25:21 GMT
via: 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 1778
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P5 FRA50-C1
accept-ranges: bytes
content-length: 27724
x-amz-cf-id: ibBxYspQpbkbVI16TAvzVCjIwUJi4VVBcOP-T4Fs-179OR_TNra36A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foodcrisisPPRG3.jpg
donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/ 65 KB
65 KB 28ms
27ms Image
image/jpeg 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/foodcrisisPPRG3.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bd785f240d765ee35e810a6ab6c45918b1822b15ff78a80faf2ba58a50b8e9e

Request headers

:path: /cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/foodcrisisPPRG3.jpg
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:25:21 GMT
via: 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 1778
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P5 FRA50-C1
accept-ranges: bytes
content-length: 66570
x-amz-cf-id: QnyteDUir_4kuGQYo4vMDW1lPQGIJLSem_fV5e0dJJv_2knvL_ZFmw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imgonline-com-ua-resize-8nNx5KMbOeq5qo.jpg
cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/ 161 KB
161 KB 68ms
12ms Image
image/jpeg 2600:9000:2156:9400:1:5c0e:9a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/imgonline-com-ua-resize-8nNx5KMbOeq5qo.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:1:5c0e:9a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 781e10efd0a4fa3335a36549ad4a6555ea9161e5a27da84e2aeb97f2bb0773a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:58:16 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
server: nginx
age: 3403
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 164569
x-amz-cf-id: fXM8jL2xRPSB9LaUXeAUvaYqAz0j_WN4fAxSY8Jdq4cFKTXL8zooTw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foodcrisisPPSG1.jpg
donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/ 70 KB
70 KB 22ms
22ms Image
image/jpeg 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/foodcrisisPPSG1.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d072a4eb6891b1f3b64491e0df93ffbec094c9a1a8cc1a01e2daaeb81b9baa0a

Request headers

:path: /cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/foodcrisisPPSG1.jpg
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:25:21 GMT
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 1778
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P5 FRA50-C1
accept-ranges: bytes
content-length: 71548
x-amz-cf-id: qCvcOMWVFPepcsoVC-RIMlxQvS3MlpjAiCjJLqO1nDCU76nn5U9P9w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foodcrisisPPSG2.jpg
donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/ 63 KB
64 KB 33ms
32ms Image
image/jpeg 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/foodcrisisPPSG2.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f05464f6e43632446385d56166a3fa95b4ad30ad8475824843d10c07c4820909

Request headers

:path: /cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/foodcrisisPPSG2.jpg
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:25:21 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 1778
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P5 FRA50-C1
accept-ranges: bytes
content-length: 64974
x-amz-cf-id: VX8zd5kD7tVyXJEPZZEXwNkOvy-gjRKHR2tFUTxODYQB6ehLyVPaCw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foodcrisisPPSG3.jpg
donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/ 72 KB
73 KB 37ms
37ms Image
image/jpeg 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/foodcrisisPPSG3.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6229931335281d11d6964c77157f21d2a09869fb360f211ceddc2ee5e337e88d

Request headers

:path: /cdn.iraiser.eu/mrgt0B3Grjsrz+2gUzBQ8A==/default/origin/foodcrisisPPSG3.jpg
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:25:21 GMT
via: 1.1 0c39e892d8c809025c8f47425847f681.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 1778
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P5 FRA50-C1
accept-ranges: bytes
content-length: 74175
x-amz-cf-id: 91nreMPh4EgDQWjb_TcMbEekZp5DHsbyT0UqeFH6T10hHxxg0iveuA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sparkcentral.1.25.7.min.js Show response
cdn.sparkcentral.com/rtm/web/1.25.7/ 9 KB
4 KB 41ms
18ms Script
application/javascript 2600:9000:2156:c600:14:56a0:4680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c600:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fc75d058624330c6f1611633822e4023b960fad6a3f35876046f3adaa6349c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 05:09:37 GMT
content-encoding: gzip
etag: W/"cd3c7f973f6b72e066d3f3f23b53d94f"
last-modified: Fri, 19 Feb 2021 16:46:30 GMT
server: AmazonS3
age: 49523
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-meta-lastmodified: 2020-03-16 15:17:38 +0000 UTC
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: z6SOSruQQfS4fT2Hd8f-UqaGNDVVcnntaow3WSTNkOeOMXbJ7-KC_A==

GET
H2 200 modules.fe297aa05ddc2e3e1113.js Show response
script.hotjar.com/ 222 KB
59 KB 31ms
10ms Script
application/javascript 143.204.98.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.fe297aa05ddc2e3e1113.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2048364.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.45 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-45.fra50.r.cloudfront.net

Software

Resource Hash

4f471d15db2b21e7adec92f1f190274f499211f727a1b8fd64e25e08c6dc1a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16253
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59929
access-control-allow-origin: *
last-modified: Wed, 20 Oct 2021 14:23:34 GMT
etag: "96612d71d48ad92b3b5d44a9696f3f4a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: mLGQgoD-N7mMdYlWXIlDlmRXMOwkbN6qEBViYm__SgrHe4pWFFCsRA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 279ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 3233
date: Wed, 20 Oct 2021 18:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Wed, 20 Oct 2021 20:01:06 GMT

GET
H2 200 flags.png
donatenow.wfp.org/libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/img/ 69 KB
70 KB 9ms
9ms Image
image/png 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donatenow.wfp.org/libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/img/flags.png
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/css/intlTelInput.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Request headers

:path: /libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/img/flags.png
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7; _gcl_au=1.1.1265078196.1634756099
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/css/intlTelInput.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/css/intlTelInput.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:44:16 GMT
via: 1.1 23f4d6fe05b7a037f9e8a8a9a9896368.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server: nginx
age: 643
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000 public
x-amz-cf-pop: TXL50-P2 FRA50-C1
accept-ranges: bytes
content-length: 70857
x-amz-cf-id: lMXVNRVroVH7Er-2qtzrABYGL6voJG-yG5P2NZbUgMRNSf4xmdAkqQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

activityi;dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%... Show response
5499309.fls.doubleclick.net/ Frame 47DB
Redirect Chain

https://5499309.fls.doubleclick.net/activityi;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donatio...
https://5499309.fls.doubleclick.net/activityi;dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdon...

703 B
690 B

25ms
24ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5499309.fls.doubleclick.net/activityi;dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

3f70c91d1dea244ec5988df99e9237edbd23fa79241f11ae77e937115fd41775

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5499309.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donatenow.wfp.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 20 Oct 2021 18:54:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 513
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 20-Oct-2021 19:09:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 20 Oct 2021 18:54:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5499309.fls.doubleclick.net/activityi;dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

OPTIONS
H2 200 poc
fh.mg.wfp.org/ Frame 0
0 342ms
318ms Preflight
application/json 143.204.98.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fh.mg.wfp.org/poc
Protocol: H2
Server: 143.204.98.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-105.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://donatenow.wfp.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 20 Oct 2021 18:54:59 GMT
x-amzn-requestid: 533fe661-ca5f-44d4-afcb-4c870fea60b7
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: HhTgnEwNiYcFwwg=
access-control-allow-methods: OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: IySXHsfzPypomvTKlMng-MOUE0J-NuhKkrY1vxx536LN0Ul8DTH3pA==

GET
H2 200 bat.js Show response
bat.bing.com/ 34 KB
10 KB 50ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:58 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 19:11:47 GMT
x-msedge-ref: Ref A: 9329238B999C4BB1B915EF08E3563B86 Ref B: FRAEDGE1513 Ref C: 2021-10-20T18:54:59Z
etag: "805b72e6bad71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10001

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: k0zUDYgKQuAkcIfFVASzsz1X8xZPkj3XOyb6Bj8ZQsQG5dSlSmudrAwGe59yPiT47uO0anTUjus6kpwxn+lg2A==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 20 Oct 2021 18:54:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adalyser.js Show response
c0.adalyser.com/ 35 KB
12 KB 124ms
51ms Script
application/javascript 63.35.104.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c0.adalyser.com/adalyser.js?cid=wfpes
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.104.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-104-241.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: c1b356f3f76ac3ce3f19997f63fa181cb9d05cd531eb1ee612ce69a2a57fa56f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
x-powered-by: Express
etag: "60b9cf4ef4ac6dab5294025f3c443ba3cca92451"
p3p: CP="ADMa OUR IND DSP NON COR"
access-control-allow-origin: *
cache-control: public, max-age=21600
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: origin, content-type, accept
content-length: 12183

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-597680250

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb94976672ba261dfdda8099c49d0254823c6116d5ba3d9a0b47a020387d15a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39281
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 18:17:07 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Oct 2021 18:54:59 GMT

POST
H2 200 poc Show response
fh.mg.wfp.org/ 110 B
471 B 361ms
361ms XHR
application/json 143.204.98.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fh.mg.wfp.org/poc
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-105.fra50.r.cloudfront.net
Software: /
Resource Hash: edc61a3bb4017d59cf09e9bd15d9d96413e9f7bdad07f75486b24881269ee2e1

Request headers

Referer: https://donatenow.wfp.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Oct 2021 18:55:00 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 6ad78fe1-c274-4680-a63a-78ee6eecb8ef
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61706604-63982ada47469df818333d7e
x-amz-apigw-id: HhTgqGqWCYcFdgw=
content-length: 110
x-amz-cf-id: 6-cNLxQUUrZk48atNhtwQnnVRejZjIh5Ojb2fZ5r4Nsmud_HHDxSmw==

GET
H2 200 box-d09a446edefba0dcce5d5143e1840e9a.html Show response
vars.hotjar.com/ Frame 1867 2 KB
1 KB 28ms
7ms Document
text/html 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2048364.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: 69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-d09a446edefba0dcce5d5143e1840e9a.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donatenow.wfp.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/

Response headers

content-type: text/html
content-length: 1044
date: Wed, 20 Oct 2021 07:15:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "63e08f928469ab67d9dac30c065ed182"
last-modified: Wed, 20 Oct 2021 07:15:01 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uQSG7YwcGdgpvSM8QtTSSsAcI0KbT7HBE7JcYp8-DVNJtJThzTW20w==
age: 41994

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 84ED
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=&s=NWFP_N2N8PX8YHC7N6_BA
https://dub.stats.paypal.com/v2/counter2.cgi?p=&s=NWFP_N2N8PX8YHC7N6_BA

42 B
299 B

100ms
38ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=&s=NWFP_N2N8PX8YHC7N6_BA
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 18:54:59 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=&s=NWFP_N2N8PX8YHC7N6_BA
Date: Wed, 20 Oct 2021 18:54:59 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame D773 195 B
1 KB 46ms
8ms Document
text/html 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1ad6f1b6aaa18a205dc2e58d0f6c09265cc0d12e3b338c01cf7ec76bd047eb2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: c.paypal.com
:scheme: https
:path: /v1/r/d/i?js_src=https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donatenow.wfp.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/

Response headers

correlation-id: dfac2fade5873
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: dfac2fade5873
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 20 Oct 2021 18:54:59 GMT
age: 152797
x-served-by: cache-hhn4026-HHN, cache-fra19161-FRA
x-cache: HIT, HIT
x-cache-hits: 1518, 504
x-timer: S1634756100.525628,VS0,VE2
vary: Accept-Encoding
set-cookie: x-cdn=0300; Domain=paypal.com; Path=/; Secure
server-timing: content-encoding;desc=gzip
content-length: 164

GET
H2 200 1877519415676647 Show response
connect.facebook.net/signals/config/ 490 KB
144 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1877519415676647?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7571f876a280181f0595afa8635b22cbef0bdde03bda2ff6875c401bf154271f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 146743
x-xss-protection: 0
pragma: public
x-fb-debug: nlpz9IgNeKoCkJBr066aFaIJOqY3FasiXNSnNX+aCL5NErEDsWj/U8vmjWPOVHMzF3LyFb/8qjveFL6e/2X38w==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 20 Oct 2021 18:54:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 49ms
25ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-597680250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14430
x-xss-protection: 0
server: cafe
etag: 16924264664223707549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 18:54:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
36 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10390555&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-597680250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1490bcd5750564fff66fe6ed9f7a6616300ede521b0e5f311b6c021e6974d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36695
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 18:17:07 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Oct 2021 18:54:59 GMT

GET
H2 200 dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobi... Show response
adservice.google.com/ddm/fls/i/ Frame C352 702 B
1001 B 66ms
44ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud

Requested by

Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/activityi;dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e706a7d763c414082dc37bff0d25ed93da3f2dad8680f0ab656683b388f1e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5499309.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5499309.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 20 Oct 2021 18:54:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 512
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 22021902.js Show response
bat.bing.com/p/action/ 0
108 B 31ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/22021902.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 20 Oct 2021 18:54:58 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 9767230315F34211AC2729A0F6C0EF28 Ref B: FRAEDGE1513 Ref C: 2021-10-20T18:54:59Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
149 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=22021902&tm=gtm002&Ver=2&mid=5d399a03-6128-4737-92b2-161cc5aebf3a&sid=3992de3031d711ec84cbd3749df2c7c2&vid=3993049031d711eca3de15ac8c14f34f&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&kw=WFP,%20donate,%20give,%20support,%20World%20Food%20Programme,%20hunger,%20charity,%20international%20organization,%20food,%20Sustainable%20Development%20Goals&p=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud%23once&r=&lt=920&evt=pageLoad&msclkid=N&sv=1&rn=222697
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 20 Oct 2021 18:54:58 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: FEE5E723517048D8B1E66ECD75247625 Ref B: FRAEDGE1513 Ref C: 2021-10-20T18:54:59Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2048364/ 146 B
323 B 110ms
38ms XHR
application/json 99.81.27.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2048364/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.fe297aa05ddc2e3e1113.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.27.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-27-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36

Request headers

Referer: https://donatenow.wfp.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 2048364 Show response
vc.hotjar.io/sessions/ 0
257 B 90ms
33ms XHR
text/plain 143.204.98.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2048364?s=0.25&r=0.1487992081329157
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.fe297aa05ddc2e3e1113.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-62.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: hDCWfBnHvUgrzQ-1V4YKG3ugiEDFe9dpBsuVsJ-FHQv0UWKb9KNenQ==

GET
H2 200 fb-all-prod.pp.min.js Show response
www.paypalobjects.com/webstatic/r/fb/ Frame D773 57 KB
18 KB 26ms
26ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eb16d80daecb92f5a56606ad94672c3a8aebb683319084407c36b181754aeb83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 1755cf4afaf57
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 18004
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sjc10079-SJC, cache-fra19174-FRA
last-modified: Sat, 13 Feb 2021 00:30:01 GMT
x-timer: S1634756100.577279,VS0,VE0
etag: W/"60271d89-e293"
strict-transport-security: max-age=31557600
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 16226, 3

GET
H3

200

activityi;dc_pre=CPqP8YTV2fMCFUchBgAdxbcKOA;src=10390555;type=rem0;cat=allp;ord=5774011831174;gtm=2odai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Fut... Show response
10390555.fls.doubleclick.net/ Frame 1BD8
Redirect Chain

https://10390555.fls.doubleclick.net/activityi;src=10390555;type=rem0;cat=allp;ord=5774011831174;gtm=2odai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3...
https://10390555.fls.doubleclick.net/activityi;dc_pre=CPqP8YTV2fMCFUchBgAdxbcKOA;src=10390555;type=rem0;cat=allp;ord=5774011831174;gtm=2odai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonate...

1 KB
782 B

26ms
26ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10390555.fls.doubleclick.net/activityi;dc_pre=CPqP8YTV2fMCFUchBgAdxbcKOA;src=10390555;type=rem0;cat=allp;ord=5774011831174;gtm=2odai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10390555&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

221a033d26877ac6806b0d0cab57ea77061a7724552cc9620d98f002df29baed

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10390555.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPqP8YTV2fMCFUchBgAdxbcKOA;src=10390555;type=rem0;cat=allp;ord=5774011831174;gtm=2odai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donatenow.wfp.org/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 20 Oct 2021 18:54:59 GMT
expires: Wed, 20 Oct 2021 18:54:59 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 757
x-xss-protection: 0
set-cookie: IDE=AHWqTUnmPwMmOs1MiULtwJ4Sqj7732CdTG5F0qVdtD6k4HtOefI0gW1gzDJusG8rIfw; expires=Mon, 14-Nov-2022 18:54:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 20 Oct 2021 18:54:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10390555.fls.doubleclick.net/activityi;dc_pre=CPqP8YTV2fMCFUchBgAdxbcKOA;src=10390555;type=rem0;cat=allp;ord=5774011831174;gtm=2odai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 23ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1877519415676647&ev=PageView&dl=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud%23once&rl=&if=false&ts=1634756099604&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1634756099602.1543526527&it=1634756099516&coo=false&exp=p1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 20 Oct 2021 18:54:59 GMT

GET
H2 200 p
c0.adalyser.com/tracking/track/v3/ 43 B
341 B 29ms
29ms Image
image/gif 63.35.104.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c0.adalyser.com/tracking/track/v3/p?stm=1634756099629&e=lce1&url=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud&cid=wfpes&p=%7B%22et%22%3A1634756099626%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Email%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22All%20Subscribers%22%2C%22me%22%3A%22email%22%2C%22ca%22%3A%22phone_update1%22%2C%22co%22%3A%22Phone%2Bcapture%2B-%2Bemail%2B1_356010%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A2%2C%22sid%22%3A%22ea0154ef-1d92-4b59-87e3-2cd0e41a6692%22%2C%22duid%22%3A%22e4cad762-ae6f-4901-aab2-263854b2f06f%22%2C%22cw%22%3A1634756099626%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&domain=donatenow.wfp.org
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.104.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-104-241.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
x-powered-by: Express
etag: W/"2b-B//0C13UlayirE4cP7xgqg"
p3p: CP="ADMa OUR IND DSP NON COR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: origin, content-type, accept
content-length: 43
expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/597680250/ 3 KB
1 KB 52ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/597680250/?random=1634756099630&cv=9&fst=1634756099630&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaai0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud&tiba=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3b44ab8927b315a48c1b2ac4e1c989eb4a44ce2ecd826c4f2fa99f994740d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1178
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/597680250/ 3 KB
2 KB 47ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/597680250/?random=1634756099632&cv=9&fst=1634756099632&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaai0&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud&tiba=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bd61a8bd3f7b453288bdfd795368755412f367dfa75094a8ed45730f1fbc3c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1183
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame D773 15 B
157 B 163ms
162ms XHR
application/json 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/v1/r/d/b/p1
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: 13726be2eec6f
x-served-by: cache-hhn11536-HHN, cache-fra19161-FRA
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 13726be2eec6f
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-type: application/json
content-length: 15
x-cache-hits: 0, 0

POST
H2 200 e Show response
c.paypal.com/v1/r/d/b/ Frame D773 15 B
132 B 160ms
160ms XHR
application/json 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/v1/r/d/b/e
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: 91d9ed32cad6d
x-served-by: cache-hhn11563-HHN, cache-fra19161-FRA
x-cache: MISS, MISS
content-type: application/json
paypal-debug-id: 91d9ed32cad6d
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 15
x-cache-hits: 0, 0

GET
H3

200

dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobi... Show response
5499309.fls.doubleclick.net/ddm/fls/r/ Frame F480
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.w...
https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdon...

1 KB
708 B

20ms
19ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

e0ce589690f347212349fef577ce556e36e4fa5de76e637956d91238aa1f218c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5499309.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnmPwMmOs1MiULtwJ4Sqj7732CdTG5F0qVdtD6k4HtOefI0gW1gzDJusG8rIfw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 20 Oct 2021 18:54:59 GMT
expires: Wed, 20 Oct 2021 18:54:59 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 685
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 20 Oct 2021 18:54:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 1BD8 45 KB
17 KB 33ms
18ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 10390555.fls.doubleclick.net
URL: https://10390555.fls.doubleclick.net/activityi;dc_pre=CPqP8YTV2fMCFUchBgAdxbcKOA;src=10390555;type=rem0;cat=allp;ord=5774011831174;gtm=2odai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

15f6865841563f9690aa73d93d6af4f80c0544d09b1c9f1479c44edd1bec5f6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10390555.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17678
x-xss-protection: 0
server: cafe
etag: 7688520411956436205
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 18:54:59 GMT

GET
H2 200 dc_pre=CPqP8YTV2fMCFUchBgAdxbcKOA;src=10390555;type=rem0;cat=allp;ord=5774011831174;gtm=2odai0;auiddc=*;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%...
adservice.google.com/ddm/fls/z/ Frame 1BD8 42 B
118 B 45ms
44ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPqP8YTV2fMCFUchBgAdxbcKOA;src=10390555;type=rem0;cat=allp;ord=5774011831174;gtm=2odai0;auiddc=*;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10390555.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/597680250/ 42 B
569 B 42ms
19ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/597680250/?random=1634756099632&cv=9&fst=1634752800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaai0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud&tiba=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&async=1&fmt=3&is_vtc=1&random=1385938837&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/597680250/ 42 B
569 B 42ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/597680250/?random=1634756099632&cv=9&fst=1634752800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaai0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud&tiba=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&async=1&fmt=3&is_vtc=1&random=1385938837&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/597680250/ 42 B
108 B 37ms
20ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/597680250/?random=1634756099630&cv=9&fst=1634752800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaai0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud&tiba=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&async=1&fmt=3&is_vtc=1&random=432703211&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/597680250/ 42 B
108 B 39ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/597680250/?random=1634756099630&cv=9&fst=1634752800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaai0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud&tiba=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&async=1&fmt=3&is_vtc=1&random=432703211&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/481751819/ Frame 1BD8 2 KB
1 KB 17ms
16ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/481751819/?random=1634756099690&cv=9&fst=1634756099690&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPqP8YTV2fMCFUchBgAdxbcKOA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D5774011831174%3Bgtm%3D2odai0%3Bauiddc%3D1265078196.1634756099%3B~oref%3Dhttps%253A%252F%252Fdonatenow.wfp.org%252Fwfp%252F~my-donation%253Futm_jobid%253D%2526utm_source%253DAll%252520Subscribers%2526utm_campaign%253Dphone_update1%2526utm_medium%253Demail%2526utm_content%253DPhone%252Bcapture%252B-%252Bemail%252B1_356010%2526utm_cid%253D%2526utm_platform%253Dmarketingcloud%3F&ref=https%3A%2F%2Fdonatenow.wfp.org%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

be8297f832a5a558f51fcf27c4fb3ada44f715eb578c3e01e79a00cb3bb429f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10390555.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
414 B 44ms
14ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-2556524-1&cid=2061012784.1634756100&jid=1541113559&gjid=1791434477&_gid=1930381636.1634756100&_u=YGBAiEABBAAAAE~&z=1400206532

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donatenow.wfp.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Oct 2021 18:54:59 GMT
content-type: text/plain
access-control-allow-origin: https://donatenow.wfp.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
145 B 14ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1202140828&t=pageview&_s=1&dl=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud&ul=en-us&de=UTF-8&dt=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAG~&jid=1941689018&gjid=57652763&cid=2061012784.1634756100&tid=UA-127155074-1&_gid=1930381636.1634756100&_r=1&gtm=2wgai0KN3K8D&z=1654824756

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donatenow.wfp.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donatenow.wfp.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 6ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1202140828&t=pageview&_s=1&dl=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud&ul=en-us&de=UTF-8&dt=Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=1541113559&gjid=1791434477&cid=2061012784.1634756100&tid=UA-2556524-1&_gid=1930381636.1634756100&gtm=2wgai0KN3K8D&z=213905046

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Oct 2021 22:21:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74025
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/481751819/ Frame 1BD8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481751819/?random=815222260&cv=9&fst=1634756099690&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
https://www.google.com/pagead/1p-conversion/481751819/?random=815222260&cv=9&fst=1634756099690&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u...
https://www.google.de/pagead/1p-conversion/481751819/?random=815222260&cv=9&fst=1634756099690&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_...

42 B
108 B

23ms
22ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/481751819/?random=815222260&cv=9&fst=1634756099690&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPqP8YTV2fMCFUchBgAdxbcKOA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D5774011831174%3Bgtm%3D2odai0%3Bauiddc%3D1265078196.1634756099%3B~oref%3Dhttps%253A%252F%252Fdonatenow.wfp.org%252Fwfp%252F~my-donation%253Futm_jobid%253D%2526utm_source%253DAll%252520Subscribers%2526utm_campaign%253Dphone_update1%2526utm_medium%253Demail%2526utm_content%253DPhone%252Bcapture%252B-%252Bemail%252B1_356010%2526utm_cid%253D%2526utm_platform%253Dmarketingcloud%3F&ref=https%3A%2F%2Fdonatenow.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=A2ZwYZjzKoPEgAfEp6iYDQ&cid=CAQSKQCNIrLM9HR5DgAY2HtBMiUxZ12MK_Ji7lduDoRGhE4blqvWQiO18rJc&random=1899366917&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10390555.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/481751819/?random=815222260&cv=9&fst=1634756099690&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPqP8YTV2fMCFUchBgAdxbcKOA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D5774011831174%3Bgtm%3D2odai0%3Bauiddc%3D1265078196.1634756099%3B~oref%3Dhttps%253A%252F%252Fdonatenow.wfp.org%252Fwfp%252F~my-donation%253Futm_jobid%253D%2526utm_source%253DAll%252520Subscribers%2526utm_campaign%253Dphone_update1%2526utm_medium%253Demail%2526utm_content%253DPhone%252Bcapture%252B-%252Bemail%252B1_356010%2526utm_cid%253D%2526utm_platform%253Dmarketingcloud%3F&ref=https%3A%2F%2Fdonatenow.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=A2ZwYZjzKoPEgAfEp6iYDQ&cid=CAQSKQCNIrLM9HR5DgAY2HtBMiUxZ12MK_Ji7lduDoRGhE4blqvWQiO18rJc&random=1899366917&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ Frame F480 19 KB
6 KB 27ms
8ms Script
application/x-javascript 2600:9000:2156:3e00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3e00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5499309.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:01:39 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 18:01:29 GMT
server: Jetty(9.3.29.v20201019)
age: 3200
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: tsr7HRmhtTajjgk2lVLoR0Ught5FVo_-RZPkUo3JNSoyCGeXt2Gk4g==
expires: Wed, 20 Oct 2021 19:01:39 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-2556524-1&cid=2061012784.1634756100&jid=1541113559&_u=YGBAiEABBAAAAE~&z=2109470087

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-2556524-1&cid=2061012784.1634756100&jid=1541113559&_u=YGBAiEABBAAAAE~&z=2109470087

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set ca.html Show response
20777079p.rfihub.com/ Frame 9605 3 KB
4 KB 65ms
20ms Document
text/html 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20777079p.rfihub.com/ca.html?ver=9&rb=27244&ca=20777079&_o=27244&_t=20777079&pe=https%3A%2F%2F5499309.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKmy6YTV2fMCFWTj5godXLIM7w%3Bsrc%3D5499309%3Btype%3Dsitev00%3Bcat%3Dwfpor0%3Bord%3D8655645789402%3Bgtm%3D2wgai0%3Bauiddc%3D1265078196.1634756099%3B%7Eoref%3Dhttps%253A%252F%252Fdonatenow.wfp.org%252Fwfp%252F%7Emy-donation%253Futm_jobid%253D%2526utm_source%253DAll%252520Subscribers%2526utm_campaign%253Dphone_update1%2526utm_medium%253Demail%2526utm_content%253DPhone%252Bcapture%252B-%252Bemail%252B1_356010%2526utm_cid%253D%2526utm_platform%253Dmarketingcloud&pf=https%3A%2F%2Fadservice.google.com%2F&ra=09431676812014333
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: a2a44b3304c57c0e5b818dd5a407cfa66100a7f8e93369cd3096d5a6e83ddf68

Request headers

Host: 20777079p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://5499309.fls.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5499309.fls.doubleclick.net/

Response headers

Date: Wed, 20 Oct 2021 18:54:59 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNjU0MTCwMLE0tDA3tzAzMzEzsBDiM9S1zCgr9HML9yjODSmS4jU0MzYxNzUzsLS0MLYAAGuhtnU0AAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 14 Nov 2022 18:54:59 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAAJvFyGtoZmxibmpmYGlpYWK0Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYafxMrmn5uNPei8RcJo_IfofEBOdUysSABAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 14 Nov 2022 18:54:59 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjU0MTCwMLE0tDA3tzAzMzEzsBDiM9S1zCgr9HML9yjODSkCAH0h8fslAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2792
Server: Jetty(9.3.29.v20201019)

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 9605
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkxODc3ODY2NDYwOA==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEBAjsWL-4B0z30QTUps0jaY&google_cver=1

42 B
1 KB

58ms
15ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEBAjsWL-4B0z30QTUps0jaY&google_cver=1
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 18:54:59 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:54:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEBAjsWL-4B0z30QTUps0jaY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 9605
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5140084918778664608
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084918778664608

43 B
1 KB

37ms
37ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084918778664608

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 18:55:00 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 77ed41bb-0166-4342-8a04-0247f40dcd97
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 18:55:00 GMT
X-Proxy-Origin: 91.199.118.75; 91.199.118.75; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 591730a1-5e83-49bb-becb-6f54d4a3d18f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084918778664608
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 9605
Redirect Chain

https://stags.bluekai.com/site/4722?id=5140084918778664608&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

42 B
1 KB

17ms
17ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 18:55:00 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Date: Wed, 20 Oct 2021 18:55:00 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 9605 0
239 B 47ms
18ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5140084918778664608
Requested by: Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 9605
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084918778664608&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084918778664608&redir=

42 B
945 B

35ms
35ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084918778664608&redir=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-034abbbf3.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: QozgizVbSh0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v019-0dab1dc84.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 0vGsbkGFRmY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084918778664608&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 9605
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5140084918778664608&bid=omt9pi0

0
344 B

31ms
7ms

Image
text/plain

52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5140084918778664608&bid=omt9pi0
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 18:54:59 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5140084918778664608&bid=omt9pi0
Date: Wed, 20 Oct 2021 18:54:59 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 9605 46 B
697 B 71ms
35ms Image
image/gif 92.122.253.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084918778664608

Requested by

Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.122.253.103 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-122-253-103.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Wed, 20 Oct 2021 18:54:59 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Wed, 20 Oct 2021 18:54:59 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame 9605 0
105 B 281ms
93ms Image
text/plain 54.164.135.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.135.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-135-202.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:55:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame 9605
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084918778664608&referrer=https%3A%2F%2Fadservice.google.com%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=2434ecb6-bb91-4955-8b0b-22e1aa3342e1%3A1634756099.97&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D2434ecb6-bb91-4955-8b0b-22e1aa3342e1...
https://idsync.rlcdn.com/501709.gif?partner_uid=2434ecb6-bb91-4955-8b0b-22e1aa3342e1%3A1634756099.97
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEnQOZmuKwjom1eQzhaVQqY&google_cver=1

42 B
300 B

15ms
15ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEnQOZmuKwjom1eQzhaVQqY&google_cver=1
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 18:55:00 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:00 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEnQOZmuKwjom1eQzhaVQqY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 9605 43 B
109 B 369ms
149ms Image
image/gif 23.21.225.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084918778664608
Requested by: Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.225.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-225-74.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:55:00 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9605
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084918778664608&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084918778664608&forward=&C=1

43 B
1006 B

23ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084918778664608&forward=&C=1
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 18:54:59 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Oct 2021 18:54:59 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 18:54:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084918778664608&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Wed, 20 Oct 2021 18:54:59 GMT

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 9605 42 B
417 B 30ms
15ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5140084918778664608
Requested by: Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Oct 2021 18:54:59 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 9605 43 B
191 B 175ms
158ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084918778664608

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:00 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 20 Oct 2021 18:55:00 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 9605
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084918778664608&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084918778664608&img=1&__user_check__=1&sync_id=39df641f-31d7-11ec-b95e-1891fad20306

43 B
548 B

19ms
19ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084918778664608&img=1&__user_check__=1&sync_id=39df641f-31d7-11ec-b95e-1891fad20306
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 18:55:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 57
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 20 Oct 2021 18:55:00 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=5140084918778664608&img=1&__user_check__=1&sync_id=39df641f-31d7-11ec-b95e-1891fad20306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 83
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 9605 43 B
183 B 315ms
104ms Image
image/gif 2600:1f18:612b:4200:978a:c3c2:8227:81a1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5140084918778664608&r=pZkeCyJ7HVt5
Requested by: Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:978a:c3c2:8227:81a1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:55:00 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 9605 43 B
238 B 1097ms
23ms Image
image/gif 18.168.102.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084918778664608
Requested by: Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.102.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-102-56.eu-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 9605 0
338 B 92ms
30ms Image
text/plain 63.33.113.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084918778664608
Requested by: Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKmy6YTV2fMCFWTj5godXLIM7w;src=5499309;type=sitev00;cat=wfpor0;ord=8655645789402;gtm=2wgai0;auiddc=1265078196.1634756099;~oref=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.113.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-113-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:55:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1634756100
x-served-by: beacon-n009-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 9605
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084918778664608&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084918778664608&expires=30

43 B
495 B

9ms
9ms

Image
image/gif

18.185.142.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084918778664608&expires=30
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.142.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-142-87.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 18:55:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084918778664608&expires=30
Date: Wed, 20 Oct 2021 18:55:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 9605
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YXBmBAAKn1PFrgAT
https://p.rfihub.com/cm?in=1&pub=21653&userid=YXBmBAAKn1PFrgAT&_test=YXBmBAAKn1PFrgAT

42 B
1 KB

15ms
14ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YXBmBAAKn1PFrgAT&_test=YXBmBAAKn1PFrgAT
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20777079p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 18:55:00 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:00 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1634756100.198339,VS0,VE0
x-served-by: cache-fra19161-FRA
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YXBmBAAKn1PFrgAT&_test=YXBmBAAKn1PFrgAT
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 controller-287accd6b7470a9973a3b4c487ffb441.html Show response
js.stripe.com/v3/ Frame 8DF6 349 B
1 KB 38ms
38ms Document
text/html 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.52 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-52.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f45a8f6bde47253d6e514532b4dfc9d4e057e97e0ab02ad52a71dffa7026094c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-287accd6b7470a9973a3b4c487ffb441.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donatenow.wfp.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 349
x-amz-id-2: nbxOurFWZprm09KoR1z3uA7hxw8hCxzFC11c4l2j+x9L6oYGXI0W1eLoTYo6+AN+L+boYhX0IlQ=
x-amz-request-id: 6346JRNHADBSYKZD
last-modified: Tue, 19 Oct 2021 21:45:17 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
date: Wed, 20 Oct 2021 18:54:56 GMT
cache-control: max-age=60
etag: "287accd6b7470a9973a3b4c487ffb441"
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Nfgk6jZaCPRDS7AFfyn-dfBpkbSSy6Ti2z1XqlB0W3vSkQJn7DCDnQ==
age: 4

GET
H2 200 payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html Show response
js.stripe.com/v3/ Frame BAEA 434 B
1 KB 25ms
24ms Document
text/html 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.52 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-52.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1858f39b193991a4cb9b2870748f23b4fd9e3f14be2d2d7b03d56df567c8d3c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com;
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donatenow.wfp.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 434
x-amz-id-2: Lg1vFRChnYlUmvmAQEkEeQiarzEUQKTnHZdtVw064bvNjdSPuK05GmJ2GchQVYUJicynQS1ijiM=
x-amz-request-id: 811Y8S21FHYSZV52
last-modified: Tue, 19 Oct 2021 21:45:18 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'none'; connect-src 'self' https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com;
date: Wed, 20 Oct 2021 18:55:00 GMT
cache-control: max-age=60
etag: "ce18f638dc1b2c0c9af85b72e925afa5"
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nL5lrBIgeleuHDT8GFhO3GLWdJ2_4lqSVTlDZmt02nfy_d8tpC_Feg==

GET
H2 200 payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html Show response
js.stripe.com/v3/ Frame DDD5 370 B
1 KB 614ms
614ms Document
text/html 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.52 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-52.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

196db4067cb1f7a7a2308e58bcc022d6ed7f2e38052e70d02172d2bf6435cec1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donatenow.wfp.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 370
x-amz-id-2: 0FDOrcJ3wcYapG4rb8qBsDdU+fGMiwZnYcNPUMNTvTakTeEOoBuK4+yQlKH5CZaqDeaP3cvVyig=
x-amz-request-id: MX1Y0KWG9VFDXTT7
last-modified: Tue, 19 Oct 2021 21:45:17 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self';
date: Wed, 20 Oct 2021 18:55:02 GMT
cache-control: max-age=60
etag: "019ea94eb2866906f02e2be0d2806e2d"
x-cache: RefreshHit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qxGjmena9x3fCI89-ZN9a2AfiUUdERU2J-DK86qjUDKl2wPWuZ6h9g==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame BAEA 95 KB
31 KB 102ms
58ms Script
application/javascript 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a3db175ecd938821b5d6d896043ea706f7f0ebae770fe89263b5f9d7fb2f1cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hy47FzQXebeKblWBQQKLHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-hy47FzQXebeKblWBQQKLHA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:55:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
content-security-policy: script-src 'report-sample' 'nonce-hy47FzQXebeKblWBQQKLHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-hy47FzQXebeKblWBQQKLHA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
expires: Wed, 20 Oct 2021 18:55:00 GMT

GET
H2 200 shared-ba377655677fedb65f8e3b4fe6d23664.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BAEA 189 KB
52 KB 21ms
20ms Script
application/javascript 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ba377655677fedb65f8e3b4fe6d23664.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.52 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-52.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

92efd21bec15ac78f255012fa628f23bf4ab9d66ed6e8c91ab22f960d6b15f1b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"39566d350c9935e47f6bdfc4a646353a"
age: 18
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: 9XZFXTP514KB7C7K
x-amz-id-2: TlII1yLW5VmuB0kNj3W4z29+TANUxBE2NBqfApi8StlMNqTTFXfEKtp1tKErLH0Jc/GfQ/L9WnE=
last-modified: Tue, 19 Oct 2021 21:45:07 GMT
server: AmazonS3
date: Wed, 20 Oct 2021 18:54:43 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: GK7GLZ5jKjYzud5pteRS73iOxPdcnowjENFuLr95ZHWWLm37Mqk1Hw==

GET
H2 200 payment-request-inner-google-pay-db7ec9ee9b6bdde09de06e0dd1295f5e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BAEA 13 KB
5 KB 27ms
27ms Script
application/javascript 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-db7ec9ee9b6bdde09de06e0dd1295f5e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.52 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-52.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

534ff11f9772b25fa99b794110ff7afa7db494f58823cf3f6753432c7e8defc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"cddcb315a946f417d5bd490169481641"
x-amz-request-id: TPG3E7WXANEA26RV
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-id-2: iLgb3eonUnMTbuyrN/ZHDT6McoD9qxyQaj+GG15HBCgnmu+apyCDkVZpLliFyUFWfW1VOKv3fsM=
last-modified: Tue, 19 Oct 2021 21:45:05 GMT
server: AmazonS3
date: Wed, 20 Oct 2021 18:55:00 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: P_dWZgSIz612j32oP_7JRZzrKmMMo6zL6P0n2tsvbyqAZ7kn8vROhQ==

GET
H2 200 shared-ba377655677fedb65f8e3b4fe6d23664.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8DF6 189 KB
52 KB 31ms
30ms Script
application/javascript 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ba377655677fedb65f8e3b4fe6d23664.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.52 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-52.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

92efd21bec15ac78f255012fa628f23bf4ab9d66ed6e8c91ab22f960d6b15f1b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:49 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 12
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: RW2X21KCZ9NRBA8C
x-amz-id-2: eh5sax6/V4Zf64+XRz5UyqG1i8QtbWCJczYFQdG7/yxg0EeE6IpXq6pmoQl6cH0y+xvKvkZ+wDg=
last-modified: Tue, 19 Oct 2021 21:45:07 GMT
server: AmazonS3
etag: W/"39566d350c9935e47f6bdfc4a646353a"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: GTvipIwKMx1PgGqDsGV_Ba0H4BjcWH3fSF8tfVewRO-1loWUdzAFsQ==

GET
H2 200 controller-689329b81a4ec36442242c74d6f7e785.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8DF6 287 KB
81 KB 23ms
22ms Script
application/javascript 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-689329b81a4ec36442242c74d6f7e785.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.52 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-52.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7f30963d624b1125213209b260327c18887a6c3df00ca26de608660a28bf7147

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:54:40 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 20
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: EWHGBSQJ76RWR39R
x-amz-id-2: q91i+drwLoYPJxtl+zHAAdRXOakvtOnuqmiOzLSbr3L7XNjZAAVsELWeHnk4NYde+ijIsausg1A=
last-modified: Tue, 19 Oct 2021 21:45:00 GMT
server: AmazonS3
etag: W/"49196ee91f6eaadf5c894614b0ed6e00"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: rCDPM5TrSDp0TLY9qDp9GhdAzKLGcUHOYV6S_qXVoCarbte_CZ8QBg==

POST
H2 200 0 Show response
r.stripe.com/ Frame 8DF6 0
214 B 489ms
162ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ba377655677fedb65f8e3b4fe6d23664.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 Oct 2021 18:55:01 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

GET
H2 200 /
q.stripe.com/ Frame 8DF6 43 B
286 B 483ms
158ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=2&timestamp=1634756100690&event_id=2225f5a9-7d67-4451-b952-8c886392b732&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_B8i61g0e8e5n5JudV1hQaaiM00uc5oCUAH&referrer=https%3A%2F%2Fdonatenow.wfp.org&stripe_js_id=224c39e9-bbf8-4370-adb1-1c70a99342f7&controller_load_time=1634756100678&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8DF6 43 B
285 B 483ms
158ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.options&event_count=3&timestamp=1634756100691&event_id=b0bad765-eade-4c65-bbec-b337cfc81ac1&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_B8i61g0e8e5n5JudV1hQaaiM00uc5oCUAH&referrer=https%3A%2F%2Fdonatenow.wfp.org&stripe_js_id=224c39e9-bbf8-4370-adb1-1c70a99342f7&controller_load_time=1634756100678&wrapper=unknown&es_module=false&frame_width=1600&options-country=GB&options-currency=gbp&options-requestPayerEmail=true&options-requestPayerName=true&usesButtonElement=false

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8DF6 43 B
285 B 484ms
160ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.query_strategy&event_count=4&timestamp=1634756100691&event_id=fc7d47a2-d318-4fa7-a93c-32f9191b0af3&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_B8i61g0e8e5n5JudV1hQaaiM00uc5oCUAH&referrer=https%3A%2F%2Fdonatenow.wfp.org&stripe_js_id=224c39e9-bbf8-4370-adb1-1c70a99342f7&controller_load_time=1634756100678&wrapper=unknown&es_module=false&frame_width=1600&queryStrategy=GOOGLE_PAY+BROWSER&usesButtonElement=false

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8DF6 43 B
285 B 482ms
159ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=5&timestamp=1634756100691&event_id=81674c05-60d8-4325-a22f-2dbe9fcde6b8&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_B8i61g0e8e5n5JudV1hQaaiM00uc5oCUAH&referrer=https%3A%2F%2Fdonatenow.wfp.org&stripe_js_id=224c39e9-bbf8-4370-adb1-1c70a99342f7&controller_load_time=1634756100678&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8DF6 43 B
285 B 482ms
159ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=6&timestamp=1634756100692&event_id=79a15be1-cac6-42c9-b32f-82825e3632c9&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_B8i61g0e8e5n5JudV1hQaaiM00uc5oCUAH&referrer=https%3A%2F%2Fdonatenow.wfp.org&stripe_js_id=224c39e9-bbf8-4370-adb1-1c70a99342f7&controller_load_time=1634756100678&wrapper=unknown&es_module=false&frame_width=1600

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8DF6 43 B
285 B 483ms
159ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.can_make_payment&event_count=7&timestamp=1634756100692&event_id=c10ecc4c-493f-4fe9-9a47-3f886caf5467&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_B8i61g0e8e5n5JudV1hQaaiM00uc5oCUAH&referrer=https%3A%2F%2Fdonatenow.wfp.org&stripe_js_id=224c39e9-bbf8-4370-adb1-1c70a99342f7&controller_load_time=1634756100678&wrapper=unknown&es_module=false&frame_width=1600&usesButtonElement=false

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8DF6 43 B
285 B 158ms
157ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=8&timestamp=1634756100693&event_id=897826f6-f768-4715-b79d-4bea136b7065&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_B8i61g0e8e5n5JudV1hQaaiM00uc5oCUAH&referrer=https%3A%2F%2Fdonatenow.wfp.org&stripe_js_id=224c39e9-bbf8-4370-adb1-1c70a99342f7&controller_load_time=1634756100678&wrapper=unknown&es_module=false&frame_width=1600&element=ControllerApp&dom_loading=41&dom_interactive=106&dom_complete=106&since_sjs_load=112&since_stripe_create=109&since_create=109&mount_duration=106&since_fetch=104&load_count=1&match_frame=true&resource_timings-shared.js-transfer_size=52411&resource_timings-shared.js-duration=34&resource_timings-controller.js-transfer_size=82301&resource_timings-controller.js-duration=30

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame E0DE 17 KB
8 KB 366ms
64ms Document
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96dc1227f55298d6daa62d348c4fa5eebf3c0d9781d57da346285b52f79e9243

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-cSW6Y9paBPx+U5ibF45v5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-cSW6Y9paBPx+U5ibF45v5w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pay.google.com
:scheme: https
:path: /gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=pY-lpr_mo7U-JAg1fjdKwrRNyqjb9j-cuZGbhUJMDP0l7L6pofKNQONIIHSf-YaSj6PR3lG6_TL1Jv_pTm4DLsshTKGgAFDNN09IKMpSAQtQeZAEDcaCZKAJ3a8KHA_sdso_zoPw_k8kyE-lXxDQE8xuzTvhDIcgOYLoeJYzC7k
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Wed, 20 Oct 2021 18:55:01 GMT
date: Wed, 20 Oct 2021 18:55:01 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-cSW6Y9paBPx+U5ibF45v5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-cSW6Y9paBPx+U5ibF45v5w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
q.stripe.com/ Frame 8DF6 43 B
285 B 161ms
160ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.cross_frame_access&event_count=9&timestamp=1634756100738&event_id=85dfd28d-2af5-4f15-a0a3-76d98e062cda&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_B8i61g0e8e5n5JudV1hQaaiM00uc5oCUAH&referrer=https%3A%2F%2Fdonatenow.wfp.org&stripe_js_id=224c39e9-bbf8-4370-adb1-1c70a99342f7&controller_load_time=1634756100678&wrapper=unknown&es_module=false&frame_width=1600&available=true

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame E0DE 2 KB
2 KB 13ms
13ms Other
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 20 Oct 2021 18:55:01 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1877519415676647&ev=Microdata&dl=https%3A%2F%2Fdonatenow.wfp.org%2Fwfp%2F~my-donation%3Futm_jobid%3D%26utm_source%3DAll%2520Subscribers%26utm_campaign%3Dphone_update1%26utm_medium%3Demail%26utm_content%3DPhone%2Bcapture%2B-%2Bemail%2B1_356010%26utm_cid%3D%26utm_platform%3Dmarketingcloud%23once&rl=&if=false&ts=1634756101110&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20Now%20%7C%20United%20Nations%20World%20Food%20Programme%22%2C%22meta%3Adescription%22%3A%22Saving%20lives%2C%20changing%20lives%22%2C%22meta%3Akeywords%22%3A%22WFP%2C%20donate%2C%20give%2C%20support%2C%20World%20Food%20Programme%2C%20hunger%2C%20charity%2C%20international%20organization%2C%20food%2C%20Sustainable%20Development%20Goals%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1634756099602.1543526527&it=1634756099516&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 20 Oct 2021 18:55:01 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMi... Frame E0DE 147 KB
52 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c849a3c90f94815c3a02949f28d0c060ce8c619426001e30d8f5ac0d009d62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52562
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 03:22:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 14 Oct 2022 16:27:07 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame E0DE 36 KB
13 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9b8ec26fc043fd956a63a4b4a0eca99247a40f607ec10c08707b17920f977e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13472
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 21:24:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 14 Oct 2022 16:28:12 GMT

GET
H2 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame E0DE 71 KB
26 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9451801ef20bde4320e1aba58002349f0fbf2fa7c6d45d761fb8b64146129f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26715
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 21:24:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 14 Oct 2022 16:28:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame E0DE 49 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 3235
date: Wed, 20 Oct 2021 18:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Wed, 20 Oct 2021 20:01:06 GMT

GET
H2 200 pay Show response
pay.google.com/gp/p/ui/ Frame E0DE 1 MB
339 KB 64ms
64ms XHR
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

875bfa6cdfb2836778727cdb07382f9fca34b090593cda93f999286dc4560abd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3zWwU8EUZidxy54S31efUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-3zWwU8EUZidxy54S31efUw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date: Wed, 20 Oct 2021 18:55:01 GMT
x-frame-options: DENY
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: script-src 'report-sample' 'nonce-3zWwU8EUZidxy54S31efUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-3zWwU8EUZidxy54S31efUw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Wed, 20 Oct 2021 18:55:01 GMT

GET
H2 200 shared-ba377655677fedb65f8e3b4fe6d23664.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DDD5 189 KB
52 KB 37ms
36ms Script
application/javascript 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ba377655677fedb65f8e3b4fe6d23664.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.52 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-52.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

92efd21bec15ac78f255012fa628f23bf4ab9d66ed6e8c91ab22f960d6b15f1b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"39566d350c9935e47f6bdfc4a646353a"
age: 17
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: 1VDZA10SETRES9HY
x-amz-id-2: 4czohjmZ6wndyxvWN3m1X2tEzz9RpQYigig5mjJbrDTV+HJ+TR4EzMvCFpvWmQ6AedsJGoWpNJQ=
last-modified: Tue, 19 Oct 2021 21:45:07 GMT
server: AmazonS3
date: Wed, 20 Oct 2021 18:54:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: O_uPN1RwqTsfnYXfxc2Uuo3CidMj_5QT_PW1Mr7RoRrgWz2IKV8Smw==

GET
H2 200 payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DDD5 11 KB
5 KB 23ms
22ms Script
application/javascript 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.52 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-52.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

71a55578d53e666ef644669139972f47092d97114a67c8b251f155ef6c19c15d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"10d818482d8e44820136b10d6f9b02e4"
age: 25
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: TT18FTFPJCBFDW05
x-amz-id-2: 5bXlVZwbhN1hHeOF1/d/+DnspCmXkvi47v3MdRd0u2PuAG7BXe7e+DOmKJrBUhkkziHTrq0ebKA=
last-modified: Tue, 19 Oct 2021 21:45:06 GMT
server: AmazonS3
date: Wed, 20 Oct 2021 18:54:51 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: cK7g58XF5pW9YKwF8rUpnWOP_9QS7h__Ofwz1NimulU5c4h5W3mBmg==

POST
H2 200 log Show response
play.google.com/ Frame E0DE 131 B
273 B 373ms
72ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 20 Oct 2021 18:55:01 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Wed, 20 Oct 2021 18:55:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 70ms
39ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 20 Oct 2021 18:55:01 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 20 Oct 2021 18:55:01 GMT
cache-control: private

POST
H2 200 log Show response
play.google.com/ Frame E0DE 131 B
273 B 342ms
40ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 20 Oct 2021 18:55:01 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Wed, 20 Oct 2021 18:55:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 65ms
38ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 20 Oct 2021 18:55:01 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 20 Oct 2021 18:55:01 GMT
cache-control: private

POST
H2 200 log Show response
play.google.com/ Frame E0DE 131 B
273 B 342ms
42ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 20 Oct 2021 18:55:01 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Wed, 20 Oct 2021 18:55:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 60ms
39ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 20 Oct 2021 18:55:01 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 20 Oct 2021 18:55:01 GMT
cache-control: private

POST
H2 200 log Show response
play.google.com/ Frame E0DE 131 B
273 B 344ms
45ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 20 Oct 2021 18:55:01 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Wed, 20 Oct 2021 18:55:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 55ms
40ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 20 Oct 2021 18:55:01 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 20 Oct 2021 18:55:01 GMT
cache-control: private

POST
H2 200 log Show response
play.google.com/ Frame E0DE 131 B
273 B 341ms
41ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 20 Oct 2021 18:55:01 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Wed, 20 Oct 2021 18:55:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 48ms
39ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 20 Oct 2021 18:55:01 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 20 Oct 2021 18:55:01 GMT
cache-control: private

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame E0DE 17 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b487fbb021abfdd71c1d35ad4fe3527fcc7980f913c4365007a15c3a2f3a42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7269
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 21:24:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 14 Oct 2022 16:28:17 GMT

GET
H2 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame E0DE 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77913119c0f685476cccef435562099303302c2b96c2435b3e230df70498327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3306
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 21:24:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 14 Oct 2022 16:28:17 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 38ms
38ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 20 Oct 2021 18:55:01 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 20 Oct 2021 18:55:01 GMT
cache-control: private

POST
H2 200 log Show response
play.google.com/ Frame E0DE 131 B
273 B 342ms
45ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 20 Oct 2021 18:55:01 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Wed, 20 Oct 2021 18:55:01 GMT

GET
H2 200 /
q.stripe.com/ Frame 8DF6 43 B
285 B 158ms
157ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.google_pay.activity_mode&event_count=10&timestamp=1634756101263&event_id=612a70ad-1e43-4bd9-9a79-fb31905a4269&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_B8i61g0e8e5n5JudV1hQaaiM00uc5oCUAH&referrer=https%3A%2F%2Fdonatenow.wfp.org&stripe_js_id=224c39e9-bbf8-4370-adb1-1c70a99342f7&controller_load_time=1634756100678&wrapper=unknown&es_module=false&frame_width=1600&activityModeName=POPUP&activityMode=2&backingLibrary=GOOGLE_PAY

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8DF6 43 B
285 B 158ms
158ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.google_pay.can_make_payment_native_response&event_count=11&timestamp=1634756101263&event_id=4695436a-6a85-4acd-89e8-10a18d2bd22a&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_B8i61g0e8e5n5JudV1hQaaiM00uc5oCUAH&referrer=https%3A%2F%2Fdonatenow.wfp.org&stripe_js_id=224c39e9-bbf8-4370-adb1-1c70a99342f7&controller_load_time=1634756100678&wrapper=unknown&es_module=false&frame_width=1600&available=false&backingLibrary=GOOGLE_PAY

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 sparkcentral.1.25.7.css
cdn.sparkcentral.com/rtm/web/1.25.7/ 3 KB
1 KB 12ms
12ms Stylesheet
text/css 2600:9000:2156:c600:14:56a0:4680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.css
Requested by: Host: cdn.sparkcentral.com
URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c600:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73f7889bf92cf273187c2cd8353f4c92005ae3164e6d6c8ec997df4c93401038

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 17:54:39 GMT
content-encoding: gzip
etag: W/"4c74258ace5e1e172fe16e0f81170ea4"
last-modified: Fri, 19 Feb 2021 16:46:30 GMT
server: AmazonS3
age: 3908
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-meta-lastmodified: 2020-03-16 15:17:38 +0000 UTC
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: hy9uwqJqCsV8Gca9IflbpwCKSUdnFFGy2PZub-xzgj4EU-WXfY5Dbg==

GET
H2 200 frame.1.25.7.css
cdn.sparkcentral.com/rtm/web/1.25.7/ Frame 9EE2 96 KB
15 KB 16ms
15ms Stylesheet
text/css 2600:9000:2156:c600:14:56a0:4680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.css
Requested by: Host: cdn.sparkcentral.com
URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c600:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2279acbe0b909f296878149708331941cdb1f78fdd049ae04689eb17c44f7962

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:46:22 GMT
content-encoding: gzip
etag: W/"79560a9f764fa94e6e9d749b61ac292a"
last-modified: Fri, 19 Feb 2021 16:46:29 GMT
server: AmazonS3
age: 1316
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-meta-lastmodified: 2020-03-16 15:17:38 +0000 UTC
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vxeNPE_mkJe-K5N7Vo1wKezibxjSStDT94pXoM09f_pV4dll2-jTnQ==

GET
H2 200 frame.1.25.7.min.js Show response
cdn.sparkcentral.com/rtm/web/1.25.7/ Frame 9EE2 833 KB
252 KB 12ms
12ms Script
application/javascript 2600:9000:2156:c600:14:56a0:4680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.min.js
Requested by: Host: cdn.sparkcentral.com
URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c600:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c35771cad9dde5289558c52bd9f64f795170b265066370898c2f6d01b47ff5d

Request headers

Referer: https://donatenow.wfp.org/
Origin: https://donatenow.wfp.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 03:26:57 GMT
content-encoding: gzip
age: 55684
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-meta-lastmodified: 2020-03-16 15:17:38 +0000 UTC
access-control-allow-origin: *
last-modified: Fri, 19 Feb 2021 16:46:30 GMT
server: AmazonS3
etag: W/"461058a8e768a1691575ed540ddecdab"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Z6CizjgbpLIzOYptLBkcSXHCbTbYHtdhZ1zZxPOvhl8_TGtBuEPjVQ==

GET
H2 200 utils.js Show response
donatenow.wfp.org/libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/js/ 356 KB
57 KB 13ms
12ms Script
application/x-javascript 2600:9000:2156:9000:e:8540:d2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://donatenow.wfp.org/libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/js/utils.js
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:e:8540:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 043ea23b3128b812a2a80fa807f9623ed15eba07ad0b862ae3402bdb94dd13ed

Request headers

:path: /libs.iraiser.eu/libs/intl-tel-input-15.0.1/build/js/utils.js
pragma: no-cache
cookie: DntSession=n8jhqhgncdjuoe3rm1cdjd4jl7; _gcl_au=1.1.1265078196.1634756099; SourceTracking=W3siY2lkIjoiIiwiZWNpZCI6bnVsbCwicmVmZXJyZXIiOiJBbGwlMjBTdWJzY3JpYmVycyIsImNhbXBhaWduIjoicGhvbmVfdXBkYXRlMSIsIm1lZGl1bSI6ImVtYWlsIiwidGltZXN0YW1wIjoxNjM0NzU2MDk5NDM4fV0=; SourceAnalytics=eyJ2ZXJzaW9uIjoiMSIsInZpc2l0b3JpZCI6ImI5NjM1NWFjLWEwMzMtNDFkNy04OWNiLTZlNDczNzY0N2VmMiJ9; _hjid=71454b8d-d812-4454-8c5e-644690277ed4; _hjFirstSeen=1; _uetsid=3992de3031d711ec84cbd3749df2c7c2; _uetvid=3993049031d711eca3de15ac8c14f34f; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1; _hjIncludedInSessionSample=0; _fbp=fb.1.1634756099602.1543526527; __adal_ses=*; __adal_ca=so%3DAll%2520Subscribers%26me%3Demail%26ca%3Dphone_update1%26co%3DPhone%252Bcapture%252B-%252Bemail%252B1_356010%26ke%3D%28not%2520set%29; __adal_id=e4cad762-ae6f-4901-aab2-263854b2f06f.1634756100.2.1634756100.1634756100.ea0154ef-1d92-4b59-87e3-2cd0e41a6692; __adal_cw=1634756099626; _ga=GA1.2.2061012784.1634756100; _gid=GA1.2.1930381636.1634756100; _dc_gtm_UA-2556524-1=1; _gat_UA-127155074-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donatenow.wfp.org
referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 18:42:56 GMT
content-encoding: gzip
server: nginx
age: 725
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=315360000 public
x-amz-cf-pop: FRA56-P4 FRA50-C1
x-amz-cf-id: 2ud121y6xkjbaEIciOng1piDAnMwuK693lCeC2gEL3Swj-gaScdOVw==
via: 1.1 c9499008aa7e1acd11e9fbc171281d83.cloudfront.net (CloudFront), 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 m-outer-f7902241893e7a497417843cb15dc858.html Show response
js.stripe.com/v3/ Frame F0FD 240 B
970 B 20ms
20ms Document
text/html 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.52 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-52.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-f7902241893e7a497417843cb15dc858.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donatenow.wfp.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 240
x-amz-id-2: iyANiLD29rVxwKBdvDrqxyz5zOcbHPjJ2NItQwwksVDTof/k2OnKvjilHi6X+N5i69kx18QBihI=
x-amz-request-id: EBE7EXZWEHZHP7P7
last-modified: Tue, 19 Oct 2021 21:45:17 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Wed, 20 Oct 2021 18:54:15 GMT
cache-control: max-age=60
etag: "f7902241893e7a497417843cb15dc858"
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: kl1k1oAlQaUi4TSsUL88TtGZjCU5ywzayn9RVzehC3aeFNB7e_VAKA==
age: 47

GET
H2 200 /
q.stripe.com/ Frame 8DF6 43 B
285 B 158ms
157ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=12&timestamp=1634756101285&event_id=f33315fe-0d1c-4920-8c07-bf39dec27735&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_B8i61g0e8e5n5JudV1hQaaiM00uc5oCUAH&referrer=https%3A%2F%2Fdonatenow.wfp.org&stripe_js_id=224c39e9-bbf8-4370-adb1-1c70a99342f7&controller_load_time=1634756100678&wrapper=unknown&es_module=false&frame_width=1600&element=outer&dom_loading=474&dom_interactive=797&dom_complete=2821&since_fetch=2116&load_count=1&load_before_dom_content_loaded=false&load_ready_state=interactive&first_create_ready_state=interactive&first_mount_readyState=interactive&until_first_create=3&until_first_mount=5&until_first_load=122&resource_timings-stripe.js-transfer_size=70635&resource_timings-stripe.js-duration=1305&resource_timings-controller.html-transfer_size=649&resource_timings-controller.html-duration=40&resource_timings-payment-request-inner-google-pay.html-transfer_size=734&resource_timings-payment-request-inner-google-pay.html-duration=26&resource_timings-payment-request-inner-browser.html-transfer_size=670&resource_timings-payment-request-inner-browser.html-duration=616

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 200 log Show response
play.google.com/ Frame E0DE 131 B
642 B 62ms
42ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 20 Oct 2021 18:55:01 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Wed, 20 Oct 2021 18:55:01 GMT

GET
H2 200 /
q.stripe.com/ Frame 8DF6 43 B
285 B 159ms
157ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.error.pr.browser.can_make_payment_rate_limited&event_count=13&timestamp=1634756101296&event_id=efe6de9a-2848-4607-bb0c-8f4f67f61d4b&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_B8i61g0e8e5n5JudV1hQaaiM00uc5oCUAH&referrer=https%3A%2F%2Fdonatenow.wfp.org&stripe_js_id=224c39e9-bbf8-4370-adb1-1c70a99342f7&controller_load_time=1634756100678&wrapper=unknown&es_module=false&frame_width=1600&backingLibrary=BROWSER

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8DF6 43 B
285 B 159ms
159ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.error.payreq.can_make_payment_rate_limited&event_count=14&timestamp=1634756101297&event_id=d652b68a-5cc1-4d8a-9923-398535c68949&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_B8i61g0e8e5n5JudV1hQaaiM00uc5oCUAH&referrer=https%3A%2F%2Fdonatenow.wfp.org&stripe_js_id=224c39e9-bbf8-4370-adb1-1c70a99342f7&controller_load_time=1634756100678&wrapper=unknown&es_module=false&frame_width=1600&message=Renderer+process+could+not+establish+or+lost+IPC+connection+to+the+PaymentRequest+service+in+the+browser+process.&impl=prapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 8DF6 43 B
285 B 159ms
159ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.can_make_payment_response&event_count=15&timestamp=1634756101299&event_id=a4076d75-9733-4284-af79-3012aec7c72c&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_B8i61g0e8e5n5JudV1hQaaiM00uc5oCUAH&referrer=https%3A%2F%2Fdonatenow.wfp.org&stripe_js_id=224c39e9-bbf8-4370-adb1-1c70a99342f7&controller_load_time=1634756100678&wrapper=unknown&es_module=false&frame_width=1600&response-applePay=false&response-googlePay=false&cached=false&duration=720&activeBackingLibrary=BROWSER&usesButtonElement=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Oct 2021 18:55:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 m-outer-639174098ea8fe7fede6fa654790e8ec.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F0FD 1 KB
1 KB 25ms
25ms Script
application/javascript 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.52 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-52.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"5213886b88cd72e6d0aebc89868e5d13"
age: 45
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: 6B0HC14W3T3GM648
x-amz-id-2: BnQzqb/k8OC44bfZPFmY1nzlh2XihV4IhpF3D/r/9Almk2vwuhpDkpL+fl+w/ib10F7x+oDKgkI=
last-modified: Tue, 19 Oct 2021 21:45:00 GMT
server: AmazonS3
date: Wed, 20 Oct 2021 18:54:51 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: 9L46DlFqorAlOLmSmVi8oqj3b9QjPH-eqOsCIsGHWMV4Tgu3P2FOZg==

GET
H/1.1 200
OK config Show response
5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/ Frame 9EE2 1 KB
1 KB 165ms
165ms Fetch
application/json 34.251.226.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/config

Requested by

Host: cdn.sparkcentral.com
URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.251.226.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-226-251.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9cedcff00911c628e97ae309fa0c977f337fcab26a5bd3e670df05ec448d2619

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
x-smooch-sdk: web/sparkcentral/1.25.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
Accept: application/json
x-smooch-clientid: 16f184371bd743f6979b1268ac823153
Referer: https://donatenow.wfp.org/
x-smooch-appid: 5f3157de284bd6000cc5b1eb

Response headers

Pragma: no-cache
Date: Wed, 20 Oct 2021 18:55:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"411-H6TDjDKokMvP+COkTJTj/8A+4zs"
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://donatenow.wfp.org
Access-Control-Expose-Headers: Retry-After
Cache-Control: private, no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: -1

OPTIONS
H/1.1 200
OK config
5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/ Frame 0
0 130ms
40ms Preflight 34.251.226.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/config

Protocol

HTTP/1.1

Server

34.251.226.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-226-251.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-smooch-appid,x-smooch-clientid,x-smooch-sdk
Origin: https://donatenow.wfp.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Wed, 20 Oct 2021 18:55:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: -1
Pragma: no-cache
Access-Control-Allow-Origin: https://donatenow.wfp.org
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, PUT, POST, DELETE, OPTIONS
access-control-allow-headers: content-type,x-smooch-appid,x-smooch-clientid,x-smooch-sdk
X-Content-Type-Options: nosniff

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 09D8 932 B
1 KB 37ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: max-age=300, public
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Wed, 20 Oct 2021 18:55:01 GMT
via: 1.1 varnish
age: 120
x-served-by: cache-fra19145-FRA
x-cache: HIT
x-cache-hits: 168
x-timer: S1634756101.458337,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 528

POST
H2 200 csp-report
q.stripe.com/ Frame 09D8 0
120 B 171ms
171ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 20 Oct 2021 18:55:01 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame 09D8 85 KB
16 KB 21ms
20ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 60
x-cache: HIT
content-length: 15786
x-served-by: cache-fra19145-FRA
server: Fastly
x-timer: S1634756101.492962,VS0,VE0
date: Wed, 20 Oct 2021 18:55:01 GMT
vary: Accept-Encoding, Origin
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 77

POST
H2 200 6 Show response
m.stripe.com/ Frame 09D8 156 B
516 B 541ms
214ms XHR
text/plain 35.166.212.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.212.249 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-212-249.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

09688d01f040880180f83b0d036fabfe1323d6a74beaaaa8d0c0e03dbcd1df02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Oct 2021 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H2 200 495cbf48a0b5e9bd3b3efd74d07d1e62.png
cdn.sparkcentral.com/rtm/web/1.25.7/ Frame 9EE2 3 KB
4 KB 13ms
12ms Image
image/png 2600:9000:2156:c600:14:56a0:4680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/495cbf48a0b5e9bd3b3efd74d07d1e62.png
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c600:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d283151277ce9a966db5e94713b12b55345bacc16d09ed871d3ac7fd619251f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 20 Oct 2021 06:21:50 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified: Fri, 19 Feb 2021 16:46:29 GMT
server: AmazonS3
age: 45192
etag: "495cbf48a0b5e9bd3b3efd74d07d1e62"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-meta-lastmodified: 2020-03-16 15:17:32 +0000 UTC
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3296
x-amz-cf-id: DFB5Nz_NsY2xVd97I5NjN14z971mPB-5peWaZ1xSM1jqY5D6fNEqAw==

GET
H2 200 2fb46965575c0c497c81e110c437f0ce.jpg
media.eu-1.smooch.io/5f3157de284bd6000cc5b1eb/icons/ Frame 9EE2 13 KB
14 KB 75ms
18ms Image
image/png 143.204.98.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.eu-1.smooch.io/5f3157de284bd6000cc5b1eb/icons/2fb46965575c0c497c81e110c437f0ce.jpg
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-89.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f73e9ac0222fded928c39a9dcb5bd7e57c6d8dd70b025eaa88d74433de570da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: jXX0xo4WZeYgkmw3zDgFQK5_DSvCWDa3
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 07:47:47 GMT
server: AmazonS3
age: 46236
etag: "d672f813fc7205fef9cfbd559be83e62"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315532800
date: Wed, 20 Oct 2021 06:04:26 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 13712
x-amz-cf-id: wwgUHc6dWDlkUPIDuUkwhrCgRaKdvFEvpPv_aPvPHKyCQnJu7dDnbw==

GET
H2 200 7f0078e82d2e653bfab143e8181cdd9e.png
cdn.sparkcentral.com/rtm/web/1.25.7/ Frame 9EE2 1 KB
2 KB 16ms
16ms Image
image/png 2600:9000:2156:c600:14:56a0:4680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/7f0078e82d2e653bfab143e8181cdd9e.png
Requested by: Host: donatenow.wfp.org
URL: https://donatenow.wfp.org/wfp/~my-donation?utm_jobid=&utm_source=All%20Subscribers&utm_campaign=phone_update1&utm_medium=email&utm_content=Phone+capture+-+email+1_356010&utm_cid=&utm_platform=marketingcloud
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c600:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44c48de85c6def81ed02239d6b54ec624c9d7f91aa11cd3b27766eeb985dfb48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donatenow.wfp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 20 Oct 2021 18:55:01 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified: Fri, 19 Feb 2021 16:46:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "7f0078e82d2e653bfab143e8181cdd9e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-meta-lastmodified: 2020-03-16 15:17:34 +0000 UTC
accept-ranges: bytes
content-length: 1203
x-amz-cf-id: yLHsg4LBsAzqjnPrHC8q82FSyuQv6W708Lj8_KnLQQVdKv4UlNUfiA==

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
donatenow.wfp.org/	1969-12-31 23:59:59	Name: DntSession Value: n8jhqhgncdjuoe3rm1cdjd4jl7
.wfp.org/	1970-01-20 00:15:32	Name: _gcl_au Value: 1.1.1265078196.1634756099
.wfp.org/	1970-01-19 22:49:08	Name: SourceTracking Value: W3siY2lkIjoiIiwiZWNpZCI6bnVsbCwicmVmZXJyZXIiOiJBbGwlMjBTdWJzY3JpYmVycyIsImNhbXBhaWduIjoicGhvbmVfdXBkYXRlMSIsIm1lZGl1bSI6ImVtYWlsIiwidGltZXN0YW1wIjoxNjM0NzU2MDk5NDM4fV0=
.wfp.org/	1970-01-20 06:44:20	Name: SourceAnalytics Value: eyJ2ZXJzaW9uIjoiMSIsInZpc2l0b3JpZCI6ImI5NjM1NWFjLWEwMzMtNDFkNy04OWNiLTZlNDczNzY0N2VmMiJ9
.bing.com/	1970-01-20 07:27:32	Name: MUID Value: 1C551D6DF45667CE38D10DBBF53D66BB
.wfp.org/	1970-01-20 06:51:32	Name: _hjid Value: 71454b8d-d812-4454-8c5e-644690277ed4
.wfp.org/	1970-01-19 22:05:57	Name: _hjFirstSeen Value: 1
.wfp.org/	1970-01-19 22:07:22	Name: _uetsid Value: 3992de3031d711ec84cbd3749df2c7c2
.wfp.org/	1970-01-20 07:27:32	Name: _uetvid Value: 3993049031d711eca3de15ac8c14f34f
donatenow.wfp.org/	1970-01-19 22:05:56	Name: _hjIncludedInPageviewSample Value: 1
.wfp.org/	1970-01-19 22:05:57	Name: _hjAbsoluteSessionInProgress Value: 1
donatenow.wfp.org/	1970-01-19 22:05:56	Name: _hjIncludedInSessionSample Value: 0
.wfp.org/	1970-01-20 00:15:32	Name: _fbp Value: fb.1.1634756099602.1543526527
.wfp.org/	1970-01-19 22:05:57	Name: __adal_ses Value: *
.wfp.org/	1970-01-20 02:25:08	Name: __adal_ca Value: so%3DAll%2520Subscribers%26me%3Demail%26ca%3Dphone_update1%26co%3DPhone%252Bcapture%252B-%252Bemail%252B1_356010%26ke%3D%28not%2520set%29
.wfp.org/	1970-01-20 15:37:08	Name: __adal_id Value: e4cad762-ae6f-4901-aab2-263854b2f06f.1634756100.2.1634756100.1634756100.ea0154ef-1d92-4b59-87e3-2cd0e41a6692
.doubleclick.net/	1970-01-20 07:27:32	Name: IDE Value: AHWqTUnmPwMmOs1MiULtwJ4Sqj7732CdTG5F0qVdtD6k4HtOefI0gW1gzDJusG8rIfw
.wfp.org/	1970-01-19 22:16:00	Name: __adal_cw Value: 1634756099626
.wfp.org/	1970-01-20 15:37:08	Name: _ga Value: GA1.2.2061012784.1634756100
.wfp.org/	1970-01-19 22:07:22	Name: _gid Value: GA1.2.1930381636.1634756100
.wfp.org/	1970-01-19 22:05:56	Name: _dc_gtm_UA-2556524-1 Value: 1
.wfp.org/	1970-01-19 22:05:56	Name: _gat_UA-127155074-1 Value: 1
.rfihub.com/	1970-01-20 07:27:32	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MTCwMLE0tDA3tzAzMzEzsBDiM9S1zCgr9HML9yjODSmS4jU0MzYxNzUzsLS0MLYAAGuhtnU0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MTCwMLE0tDA3tzAzMzEzsBDiM9S1zCgr9HML9yjODSkCAH0h8fslAAAA
.media.net/	1970-01-20 06:51:32	Name: visitor-id Value: 2777576999860380000V10
.media.net/	1970-01-20 06:50:05	Name: data-rk Value: 5140084918778664608~~3
.media.net/	1970-01-20 02:32:20	Name: gdpr_status Value: 1
.casalemedia.com/	1970-01-20 06:51:32	Name: CMID Value: YXBmA7Vc0P5B6a9nt.G2AAAA
.casalemedia.com/	1970-01-20 00:15:32	Name: CMPS Value: 5226
.eyeota.net/	1970-01-19 22:05:56	Name: SERVERID Value: 23509~DM
.casalemedia.com/	1970-01-20 00:15:32	Name: CMPRO Value: 1153
.casalemedia.com/	1970-01-20 06:51:32	Name: CMRUM3 Value: 396170660327605140084918778664608
.casalemedia.com/	1970-01-19 22:07:22	Name: CMST Value: YXBmA2FwZgMA
.demdex.net/	1970-01-20 02:25:08	Name: demdex Value: 13851752730348924970013771338943452617
.dpm.demdex.net/	1970-01-20 02:25:08	Name: dpm Value: 13851752730348924970013771338943452617
.spotxchange.com/	1970-01-20 06:51:36	Name: audience Value: 39df63df-31d7-11ec-b95e-1891fad20306
.adnxs.com/	1970-01-20 00:15:32	Name: uuid2 Value: 7111396101091967669
.rezync.com/	1970-01-20 02:24:42	Name: zync-uuid Value: 2434ecb6-bb91-4955-8b0b-22e1aa3342e1:1634756099.97
live.rezync.com/	1970-01-20 02:25:08	Name: sd-session-id Value: .eJwVyk0LgjAYAOC_Eu-5wyw_ltCxxOh1SLPwJGUDN52FmxQT_3t2fOCZoHqLQd970VuI7TCKNdSdXGQgnsBIp0ULMQSeTwj1dx6NIhqGfkgozGswwhj56iv5_O_VY5mocpclV1Wq0pY6DfBCCOOFd-aNxCS1qE4d3o4NOiSoiy9Thw26fJvx8sN4OzJe72Gef7LtMR4.FFH3gw.HRPqocw4qH8YjJC-Ae0nW-m5fGs
.rlcdn.com/	1970-01-20 06:51:32	Name: rlas3 Value: AuVZ1vd7lUnG7MK/4PcBfOMIDKX1KIglkVIe46EBjeU=
.rlcdn.com/	1970-01-19 23:32:20	Name: pxrc Value: CITMwYsGEgYIuuoBEAA=
.adnxs.com/	1970-01-20 00:15:32	Name: anj Value: dTM7k!M4/YErk#WF']wIg2H`cYRssb!1yIE`Wq3dShskA5Hr@K3]-:=4ujvv`pOXt3k0%JFO>1@VsaN]N3FR@PsXH%!=U0Os/RJl
.bidswitch.net/	1970-01-20 06:51:32	Name: tuuid Value: 43a8961e-15da-4257-bf16-cdc25fbcf681
.bidswitch.net/	1970-01-20 06:51:32	Name: c Value: 1634756100
.bidswitch.net/	1970-01-20 06:51:32	Name: tuuid_lu Value: 1634756100
.krxd.net/	1970-01-20 02:25:08	Name: _kuid_ Value: ObsRL8SQ
.everesttech.net/	1970-01-20 06:51:32	Name: everest_g_v2 Value: g_surferid~YXBmBAAKn1PFrgAT
.rfihub.com/	1970-01-20 07:27:32	Name: smd Value: H4sIAAAAAAAAADPiNTQzNjE3NTM0MDAysAQArbAtgA8AAAA
.rfihub.com/	1970-01-20 07:27:32	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA12dXLMKg730TVxMqgyNggMCS0oNshKjFTiVIl38o4PDfV0CeI1NDM2MTc1M7C0tDQzzIJxDQ0MDA1MZjEiSVuYGK1C459C479C4_9C409iQuXPQuMvQuOvQuNvQuPvQlfPgsq_hcZfxCoQGeGU6-To6J1nGOBWlO4YsooVyctGBpabWNGs4EbzEhp_krCRkYmxSWpykpluUpKloa6JpamprkWSQZKukVGqYWKisbEJkLZCaNKzNJ8ljGSpganBImFUQx-h8QF1hnrhzwEAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA12dXLMKg730TVxMqgyNggMCS0oNshKjFTiVIl38o4PDfV0WcUoEBnhlOvk6OidZxjgVpTuGNLEYmRkYmySmpxkppuUZGmoa2JpaqprkWSQpGtklGqYmGhsbAKkrQzNjE3MTc0MLC31LM0BUNUkvnEAAAA
.google.com/	1970-01-20 02:29:27	Name: NID Value: 511=pY-lpr_mo7U-JAg1fjdKwrRNyqjb9j-cuZGbhUJMDP0l7L6pofKNQONIIHSf-YaSj6PR3lG6_TL1Jv_pTm4DLsshTKGgAFDNN09IKMpSAQtQeZAEDcaCZKAJ3a8KHA_sdso_zoPw_k8kyE-lXxDQE8xuzTvhDIcgOYLoeJYzC7k
m.stripe.com/	1970-01-20 15:37:08	Name: m Value: 98b98e3f-28e3-4a54-9322-106a8061275c26d4e1
.donatenow.wfp.org/	1970-01-20 06:51:32	Name: __stripe_mid Value: 3f451139-8755-4da3-a146-3c08412a886b5468f3
.donatenow.wfp.org/	1970-01-19 22:05:57	Name: __stripe_sid Value: ce27e465-b622-4b17-b71f-e624d46a9ae8a74ae0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	sameorigin
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10390555.fls.doubleclick.net
20777079p.rfihub.com
5499309.fls.doubleclick.net
5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io
a.rfihub.com
aa.agkn.com
adservice.google.com
adservice.google.de
b.stats.paypal.com
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c.paypal.com
c0.adalyser.com
c1.rfihub.net
cdn.iraiser.eu
cdn.sparkcentral.com
click.support.wfp.org
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
donatenow.wfp.org
dpm.demdex.net
dsum-sec.casalemedia.com
dub.stats.paypal.com
fh.mg.wfp.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
in.hotjar.com
js.stripe.com
libs.iraiser.eu
live.rezync.com
m.stripe.com
m.stripe.network
media.eu-1.smooch.io
monitoring.iraiser.eu
p.rfihub.com
partners.tremorhub.com
pay.google.com
pixel.rubiconproject.com
play.google.com
ps.eyeota.net
q.stripe.com
r.stripe.com
script.hotjar.com
services.iraiser.eu
stags.bluekai.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
use.fontawesome.com
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.paypalobjects.com
x.bidswitch.net
x.dlx.addthis.com
104.111.215.191
142.250.184.198
142.250.186.66
142.250.74.194
143.204.98.105
143.204.98.32
143.204.98.45
143.204.98.52
143.204.98.62
143.204.98.76
143.204.98.89
143.204.98.95
151.101.128.176
151.101.65.35
151.101.66.133
151.101.66.49
161.71.58.175
18.168.102.56
18.185.142.87
185.33.221.50
185.94.180.125
193.0.160.129
2.18.234.21
23.21.225.74
2600:1f18:612b:4200:978a:c3c2:8227:81a1
2600:9000:2156:3e00:1:76cf:fe80:93a1
2600:9000:2156:6000:5:e00c:b700:93a1
2600:9000:2156:9000:e:8540:d2c0:93a1
2600:9000:2156:9400:1:5c0e:9a80:93a1
2600:9000:2156:c600:14:56a0:4680:93a1
2600:9000:2156:ce00:4:3241:ce00:93a1
2600:9000:2156:f000:b:6b6b:1200:93a1
2606:4700:3037::6815:4e07
2620:1ec:c11::200
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c07::5c
2a00:1450:400c:c09::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.251.226.251
35.166.212.249
35.244.174.68
52.48.145.41
52.57.150.20
54.164.135.202
54.186.23.98
63.33.113.238
63.35.104.241
64.4.245.84
69.173.144.138
92.122.253.103
99.81.27.250
037dc6f1377075393c6ec101347ace1b4579d2a451f505a221ddb1896d8f546a
043ea23b3128b812a2a80fa807f9623ed15eba07ad0b862ae3402bdb94dd13ed
09688d01f040880180f83b0d036fabfe1323d6a74beaaaa8d0c0e03dbcd1df02
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0bd785f240d765ee35e810a6ab6c45918b1822b15ff78a80faf2ba58a50b8e9e
0e706a7d763c414082dc37bff0d25ed93da3f2dad8680f0ab656683b388f1e25
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1306483c1bea5b5c8b2c56d7ce711ef794860241a74f27bb20bb99ac04bb9ca0
15f6865841563f9690aa73d93d6af4f80c0544d09b1c9f1479c44edd1bec5f6e
17fbf18baa0557422fe5fda097999d5c1695e244d23f9945273a5e11a6a6aedf
1858f39b193991a4cb9b2870748f23b4fd9e3f14be2d2d7b03d56df567c8d3c8
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
196db4067cb1f7a7a2308e58bcc022d6ed7f2e38052e70d02172d2bf6435cec1
1ad6f1b6aaa18a205dc2e58d0f6c09265cc0d12e3b338c01cf7ec76bd047eb2c
1d6d9e026c3e3271569129f404d097c232122f9c2728ae25357561ca6a63b4f6
1e19112303463753d5f2da7d3f30953b37b2a0af36789967992639d7d704f155
221a033d26877ac6806b0d0cab57ea77061a7724552cc9620d98f002df29baed
2279acbe0b909f296878149708331941cdb1f78fdd049ae04689eb17c44f7962
249e5b8d94463770e790d8f77f3be78c5eaf988b1620aec32ade2c34340b0563
271445b6d501e282c8d000e41e1a7bd7c88812bd83ca70b65a4745763669347b
27f4af2dd922b70eb219d7ab51ca7f6b0eedb7664bc9c077b62b5859aaa93cdb
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
29594823876415cb4ecfa5e2bb4d37023b64885eeaa62e4492a111affb232753
29c849a3c90f94815c3a02949f28d0c060ce8c619426001e30d8f5ac0d009d62
2a3db175ecd938821b5d6d896043ea706f7f0ebae770fe89263b5f9d7fb2f1cf
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2edf92695c21ee693df426746e4603819d9a141e178bc0f4274baaba9a7f8409
2f73e9ac0222fded928c39a9dcb5bd7e57c6d8dd70b025eaa88d74433de570da
2fa68e2a1ef3f927db2fa132bd16829cbe7006407ddeb9ade3386302ec5d916e
335b0b4acdc0025ae0786d69882b45d5a1b32c7c415bcf10da482c5625c07c4d
3b487fbb021abfdd71c1d35ad4fe3527fcc7980f913c4365007a15c3a2f3a42f
3f70c91d1dea244ec5988df99e9237edbd23fa79241f11ae77e937115fd41775
3fc75d058624330c6f1611633822e4023b960fad6a3f35876046f3adaa6349c9
44c48de85c6def81ed02239d6b54ec624c9d7f91aa11cd3b27766eeb985dfb48
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a58d6be5e186b923069a861e90554b70ccc29c2230aae0508c795b90c688a19
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4c35771cad9dde5289558c52bd9f64f795170b265066370898c2f6d01b47ff5d
4f423bd8bedcf5444b7e59617a14a4c29818278fe7235366ed3bf85a87a1ee71
4f471d15db2b21e7adec92f1f190274f499211f727a1b8fd64e25e08c6dc1a2a
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50b311e58b8ce97f4dd5b95e510764a9cadc6699795068aa43e699db28842116
534ff11f9772b25fa99b794110ff7afa7db494f58823cf3f6753432c7e8defc6
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57023a9992c0eb9eb5f8f438481263ca015f647d74b703eb972362e8aba11281
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
5976d0a05eb9aa0dc19984b73efeaaf47943d043a0a882a45db94b100f89e96c
5e6cc563070d6a74adcc945037fc29f5b4c2f705b634fae9fc49f5964d581f0b
6229931335281d11d6964c77157f21d2a09869fb360f211ceddc2ee5e337e88d
64e56836e083250c795d6fc4fd222f30841bb90de0dcef675bb81c44d2f96e12
6657a7d3ac4506ce3b0ca9234df4f63b6bff8e94e92f21f9d77921b166fc6925
668ee46bd31946cdb7479e102b234d719c31b8abbddc8f8c99ed7a9f92e92b1a
691a11e6c78d040bc3a0fd771288b7b5856a35f8c94c9a5cf986687967a5931c
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac
6a4ba476cccf999aebf81ed516173f4e34a7867333195283ab64f33c5cfcd58f
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd347265d76c0ad95c4089c2264171c982f57515a3c3711e6484d20d4fd98be
6bfa8e89f28b7fa5be746724da9edb3f78aff08de2200515295895f9092257c4
6bfeeb0cfe1e95bd5580361539cf045873d0416a3f997379bc839e641fdb8200
71a55578d53e666ef644669139972f47092d97114a67c8b251f155ef6c19c15d
73f7889bf92cf273187c2cd8353f4c92005ae3164e6d6c8ec997df4c93401038
7571f876a280181f0595afa8635b22cbef0bdde03bda2ff6875c401bf154271f
781e10efd0a4fa3335a36549ad4a6555ea9161e5a27da84e2aeb97f2bb0773a5
79a2e7a05e21cec157368e563197cf48a9f34ec9ee61929793458bc6344ae918
7bd61a8bd3f7b453288bdfd795368755412f367dfa75094a8ed45730f1fbc3c3
7d283151277ce9a966db5e94713b12b55345bacc16d09ed871d3ac7fd619251f
7d3d72116ba00f366e9d8070e0dc9f4b8541af3293f38e3eb4ca28b80f09f279
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f30963d624b1125213209b260327c18887a6c3df00ca26de608660a28bf7147
803ddd7188e0fbbc0bdde5e0b1582584d89f0befdb1f55f1fb0a092563722a41
810c4ec2fd4b4ac9ca638fbebd651512e2d13a6e4f1aecb461d43ce06f391130
81db3aaae89ef616da34ae600900ed31097ffbb81177f9fdf7cdcf1667b41370
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
875bfa6cdfb2836778727cdb07382f9fca34b090593cda93f999286dc4560abd
92efd21bec15ac78f255012fa628f23bf4ab9d66ed6e8c91ab22f960d6b15f1b
9451801ef20bde4320e1aba58002349f0fbf2fa7c6d45d761fb8b64146129f80
94ee0e97215c8f1db64eeb3e1948eefb73a8c5a1c4aead335ac2cc37374a4409
95132142758c3802f71cb348e8d11f420787539067e6fe823310742754ebcde6
96dc1227f55298d6daa62d348c4fa5eebf3c0d9781d57da346285b52f79e9243
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9909925d4ab51d22ae9bab97f369a550542efa7ed88b3282980b8ce816d16677
9cedcff00911c628e97ae309fa0c977f337fcab26a5bd3e670df05ec448d2619
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2a44b3304c57c0e5b818dd5a407cfa66100a7f8e93369cd3096d5a6e83ddf68
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e
be8297f832a5a558f51fcf27c4fb3ada44f715eb578c3e01e79a00cb3bb429f4
c07d37147a78a0db0d149a563ec24f9ea233153a4f08bea22f0f778fbfd7f149
c1b356f3f76ac3ce3f19997f63fa181cb9d05cd531eb1ee612ce69a2a57fa56f
c342f1a386b2afb1fe2706298e46b870d79e74fa5753fb29b0edf5d44d9f8f2d
c3ae9577af023ddc4be33f0ef162a0e5054e42b6f097eb33f55b24b29ea10457
c40e247365d8a712662ee4991f0a78a379be4dc429f8a85dba0a27e7764410e9
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
cb94976672ba261dfdda8099c49d0254823c6116d5ba3d9a0b47a020387d15a7
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d072a4eb6891b1f3b64491e0df93ffbec094c9a1a8cc1a01e2daaeb81b9baa0a
d1490bcd5750564fff66fe6ed9f7a6616300ede521b0e5f311b6c021e6974d49
d3b44ab8927b315a48c1b2ac4e1c989eb4a44ce2ecd826c4f2fa99f994740d4b
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8878b337774bb88da6b9c6c350d9aaad1bc0d7d2fa065e1c521dfc5b27cda18
d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b
e0ce589690f347212349fef577ce556e36e4fa5de76e637956d91238aa1f218c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c66df4d25b6035eb85283a55895ff19cf2ff05484d01da2558b87ec0caa16b
e687c549464afcc13137cecba3a33713f79921944f5b730eb01a39264e34a311
ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec
eb16d80daecb92f5a56606ad94672c3a8aebb683319084407c36b181754aeb83
edc61a3bb4017d59cf09e9bd15d9d96413e9f7bdad07f75486b24881269ee2e1
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04d6f4e31655290294a18aff5e6d9174a2990f5550f1939f59c41f8cb451073
f05464f6e43632446385d56166a3fa95b4ad30ad8475824843d10c07c4820909
f45a8f6bde47253d6e514532b4dfc9d4e057e97e0ab02ad52a71dffa7026094c
f77913119c0f685476cccef435562099303302c2b96c2435b3e230df70498327
f9b8ec26fc043fd956a63a4b4a0eca99247a40f607ec10c08707b17920f977e5
fb3dab6d97df8490b2eed9a51459e8ed4583057083f714008f1c796b368ffded
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

donatenow.wfp.org Open in urlscan Pro 2600:9000:2156:9000:e:8540:d2c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

100 %HTTPS

40 %IPv6

44 Domains

69 Subdomains

57 IPs

7 Countries

3014 kBTransfer

7627 kBSize

54 Cookies

2 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

donatenow.wfp.org Open in urlscan Pro
2600:9000:2156:9000:e:8540:d2c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

100 %
HTTPS

40 %
IPv6

44
Domains

69
Subdomains

57
IPs

7
Countries

3014 kB
Transfer

7627 kB
Size

54
Cookies

186 HTTP transactions
0 data transactions