supporters.eff.org Open in urlscan Pro
173.239.79.196 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://businessdatasol.com/index.php/campaigns/cg9516xmfgc1f/track-url/rz858ch5st95b/3968080cfd2dcc787026576c25e3527d51488846
Effective URL:
https://supporters.eff.org/donate/greetings--NDE
Submission: On August 31 via manual (August 31st 2022, 1:40:44 pm UTC) from FR — Scanned from FR

Summary HTTP 104 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 104 HTTP transactions. The main IP is 173.239.79.196, located in Sausalito, United States and belongs to UNWIRED, US. The main domain is supporters.eff.org.
TLS certificate: Issued by R3 on August 1st 2022. Valid for: 3 months.

This is the only time supporters.eff.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3030::6815:384a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 34	173.239.79.196 173.239.79.196	32354 (UNWIRED) (UNWIRED)
1 1	2a04:4e42:400... 2a04:4e42:400::201	54113 (FASTLY) (FASTLY)
18	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
8	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:401... 2a00:1450:4013:c00::5c	15169 (GOOGLE) (GOOGLE)
20	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206e:c800:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.149.23.244 54.149.23.244	16509 (AMAZON-02) (AMAZON-02)
104	10

2 2606:4700:3030::6815:384a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

businessdatasol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 173.239.79.196 (Sausalito, United States) 1 redirects

ASN32354 (UNWIRED, US)
PTR: vm1.eff.org

eff.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
supporters.eff.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
anon-stats.eff.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::201 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.eff.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c00::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206e:c800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.149.23.244 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-23-244.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	stripe.com js.stripe.com — Cisco Umbrella Rank: 1080 q.stripe.com — Cisco Umbrella Rank: 7709 r.stripe.com — Cisco Umbrella Rank: 4770 m.stripe.com — Cisco Umbrella Rank: 1025	499 KB
35	eff.org 2 redirects eff.org — Cisco Umbrella Rank: 38529 www.eff.org — Cisco Umbrella Rank: 39124 supporters.eff.org anon-stats.eff.org — Cisco Umbrella Rank: 457998	6 MB
17	google.com pay.google.com — Cisco Umbrella Rank: 3051 play.google.com — Cisco Umbrella Rank: 32	396 KB
4	gstatic.com www.gstatic.com	104 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1166	16 KB
2	businessdatasol.com 2 redirects businessdatasol.com	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
104	7

	Domain	Requested by
31	supporters.eff.org	supporters.eff.org
20	r.stripe.com	js.stripe.com
18	js.stripe.com	supporters.eff.org js.stripe.com
13	play.google.com	www.gstatic.com
8	q.stripe.com	supporters.eff.org
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	js.stripe.com pay.google.com supporters.eff.org www.gstatic.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	anon-stats.eff.org	supporters.eff.org anon-stats.eff.org
2	businessdatasol.com	2 redirects
1	m.stripe.com	m.stripe.network
1	www.google-analytics.com	www.gstatic.com
1	www.eff.org	1 redirects
1	eff.org	1 redirects
104	14

This site contains links to these domains. Also see Links.

Domain
www.eff.org
about.usps.com
www.deviantart.com

Subject Issuer	Validity	Valid
supporters.eff.org R3	`2022-08-01` - `2022-10-30`	3 months	crt.sh
anon-stats.eff.org R3	`2022-08-01` - `2022-10-30`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-15` - `2022-11-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-11` - `2022-10-19`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://supporters.eff.org/donate/greetings--NDE
Frame ID: 3880FEA0CD43F034DB0E713536C3DB55
Requests: 34 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-d48dde5d343a266f77051f3de5725dd4.html
Frame ID: FA599186E4CFDCF6ED7627A198061970
Requests: 27 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-35bc1f25571cb02a212ab1b530373190.html
Frame ID: 7B36B3AB4CF53F804C3621D20B685BDE
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-7ad6c6e233ecc39d970fecc2b61723fe.html
Frame ID: 5296E61283AA34E585225ACB77D842CE
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: D9FC8853D213FF759235EEC1455E1F6C
Requests: 15 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-0123a3e8f28425bea4dc5ecea9ce657b.html
Frame ID: 6BE0803291E694BF857ACB6FA739F348
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 4337059208F3FED007BDAEEC76B466A4
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Defend Privacy and Free Speech | Electronic Frontier Foundation

Page URL History Show full URLs

http://businessdatasol.com/index.php/campaigns/cg9516xmfgc1f/track-url/rz858ch5st95b/3968080cfd2dcc7870... HTTP 301
https://businessdatasol.com/index.php/campaigns/cg9516xmfgc1f/track-url/rz858ch5st95b/3968080cfd2dcc7870... HTTP 301
https://eff.org/r.yw9r HTTP 301
https://www.eff.org/r.yw9r HTTP 301
https://supporters.eff.org/donate/greetings--NDE Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

104
Requests

100 %
HTTPS

58 %
IPv6

7
Domains

14
Subdomains

10
IPs

3
Countries

6860 kB
Transfer

9954 kB
Size

8
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.eff.org/pages/membership-faq#benefits
Title: Learn more about EFF membership?

Search URL Search Domain Scan URL

URL: https://about.usps.com/newsroom/service-alerts/international/
Title: See the U.S. Postal Service for more information.

Search URL Search Domain Scan URL

URL: https://www.eff.org/files/2022/07/05/dsc01347_1200.jpg
Title: Fuzzy Monogram

Search URL Search Domain Scan URL

URL: https://www.eff.org/files/2022/08/05/eddie-extremely_online.jpg
Title: mystery challenge

Search URL Search Domain Scan URL

URL: https://www.deviantart.com/eddiethey3t1
Title: Eddie the Y3t1

Search URL Search Domain Scan URL

URL: https://www.eff.org/files/2019/07/22/lapel_pins_sm.jpg
Title: security-themed enamel pins

Search URL Search Domain Scan URL

URL: https://www.eff.org/files/2020/07/07/back_square_white.jpg
Title: rough seas and monsters be damned

Search URL Search Domain Scan URL

URL: https://www.eff.org/copyright

Search URL Search Domain Scan URL

URL: https://www.eff.org/thanks
Title: Thanks

Search URL Search Domain Scan URL

URL: https://www.eff.org/policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.eff.org/about/contact
Title: Contact EFF

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://businessdatasol.com/index.php/campaigns/cg9516xmfgc1f/track-url/rz858ch5st95b/3968080cfd2dcc787026576c25e3527d51488846 HTTP 301
https://businessdatasol.com/index.php/campaigns/cg9516xmfgc1f/track-url/rz858ch5st95b/3968080cfd2dcc787026576c25e3527d51488846 HTTP 301
https://eff.org/r.yw9r HTTP 301
https://www.eff.org/r.yw9r HTTP 301
https://supporters.eff.org/donate/greetings--NDE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

104 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request greetings--NDE Show response
supporters.eff.org/donate/
Redirect Chain

http://businessdatasol.com/index.php/campaigns/cg9516xmfgc1f/track-url/rz858ch5st95b/3968080cfd2dcc787026576c25e3527d51488846
https://businessdatasol.com/index.php/campaigns/cg9516xmfgc1f/track-url/rz858ch5st95b/3968080cfd2dcc787026576c25e3527d51488846
https://eff.org/r.yw9r
https://www.eff.org/r.yw9r
https://supporters.eff.org/donate/greetings--NDE

113 KB
19 KB

1097ms
344ms

Document
text/html

173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to

Full URL

https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

7b10496bdf8e2c9e8d375c033bc9b3ca46ce9347104d7ff19203b9f8141a1c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 31 Aug 2022 13:40:36 GMT
Etag: W/"7b10496bdf8e2c9e8d375c033bc9b3ca"
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 85ff59f8-8f2f-4a01-8417-f69f601e2ff4
X-Runtime: 0.021627
X-Xss-Protection: 1; mode=block

Redirect headers

accept-ranges: bytes
age: 165
cache-control: public, max-age=1800
content-encoding: gzip
content-length: 21
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 13:40:35 GMT
etag: "1661953070-1"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Wed, 31 Aug 2022 13:37:50 GMT
location: https://supporters.eff.org/donate/greetings--NDE
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Cookie,Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-content-type-options: nosniff
x-download-options: noopen
x-drupal-cache: MISS
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-redirect-id: 15191
x-served-by: cache-sjc10064-SJC, cache-cdg20746-CDG
x-timer: S1661953236.883611,VS0,VE1
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css
supporters.eff.org/donate/assets/ 44 KB
9 KB 163ms
162ms Stylesheet
text/css 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to

Full URL

https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Aug 2022 17:29:33 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Vary: Accept-Encoding
Content-Length: 9080
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK donate-2e3c657e8c73e8dd3651917af0fde1230abff8b9efa0730fc43d565444ed33e3.js Show response
supporters.eff.org/donate/assets/ 384 KB
120 KB 326ms
163ms Script
application/javascript 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to

Full URL

https://supporters.eff.org/donate/assets/donate-2e3c657e8c73e8dd3651917af0fde1230abff8b9efa0730fc43d565444ed33e3.js

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

2e3c657e8c73e8dd3651917af0fde1230abff8b9efa0730fc43d565444ed33e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Aug 2022 17:29:45 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Vary: Accept-Encoding
Content-Length: 122217
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo-donate-5a07d5031f8aa1931c71229dc9b77ecf545708eea04d1fbedbfad16fefb7bd91.png
supporters.eff.org/donate/assets/ 1 KB
2 KB 316ms
162ms Image
image/png 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/assets/logo-donate-5a07d5031f8aa1931c71229dc9b77ecf545708eea04d1fbedbfad16fefb7bd91.png

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

5a07d5031f8aa1931c71229dc9b77ecf545708eea04d1fbedbfad16fefb7bd91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 18:43:38 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 1146
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK summer-greetings-2-banner.jpg
supporters.eff.org/donate/images/donate_page/555/ 535 KB
535 KB 322ms
321ms Image
image/jpeg 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/images/donate_page/555/summer-greetings-2-banner.jpg

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

38988407620a6f74a9d5a4dc0579b3fe8db0c689323cbbc38d93bbd6a2dc52b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Jun 2022 17:44:18 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 547873
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK expenses-3befaa33ed42aaceaf4aa8c9f096341dbeaf2c2c011be1e79fb72453c6a95631.png
supporters.eff.org/donate/assets/ 19 KB
20 KB 162ms
162ms Image
image/png 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/assets/expenses-3befaa33ed42aaceaf4aa8c9f096341dbeaf2c2c011be1e79fb72453c6a95631.png

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

3befaa33ed42aaceaf4aa8c9f096341dbeaf2c2c011be1e79fb72453c6a95631

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 13 Aug 2021 17:02:52 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 19625
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK expenses-m-a0056a85386ded242c8e43314a359e947fbcff87960a66202e3fd9f8247e9bbc.png
supporters.eff.org/donate/assets/ 32 KB
33 KB 322ms
322ms Image
image/png 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/assets/expenses-m-a0056a85386ded242c8e43314a359e947fbcff87960a66202e3fd9f8247e9bbc.png

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

a0056a85386ded242c8e43314a359e947fbcff87960a66202e3fd9f8247e9bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 13 Aug 2021 17:02:52 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 33111
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Multisticker_Sheet_Cream.png
supporters.eff.org/donate/images/premium/34/ 96 KB
96 KB 632ms
162ms Image
image/png 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/images/premium/34/Multisticker_Sheet_Cream.png

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

6f44096f5accf771bbe7ea77ead7ae352f8fa801ce7e26735174687df7118c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 06 Jun 2022 23:03:02 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 97866
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Fuzzy_Monogram_T-Shirts.jpg
supporters.eff.org/donate/images/premium/35/ 704 KB
705 KB 654ms
163ms Image
image/jpeg 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/images/premium/35/Fuzzy_Monogram_T-Shirts.jpg

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

774807e7b83672f0cc75740aa6dc8ee6338335345ec188eb2dcc190935c68299

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 15 Jul 2022 00:05:45 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 721317
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 2022-membership-fuzzshirt_callout.png
supporters.eff.org/donate/images/premium/35/ 158 KB
159 KB 798ms
164ms Image
image/png 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/images/premium/35/2022-membership-fuzzshirt_callout.png

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

3ec4e5df4a1f7a6cf6eed10505edb3ec832f6dc5b4557efc2737b7097f07c075

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Jul 2022 18:32:20 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 162090
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Extremely_Grey_Blue_2898.JPG
supporters.eff.org/donate/images/premium/25/ 1 MB
1 MB 166ms
165ms Image
image/jpeg 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/images/premium/25/Extremely_Grey_Blue_2898.JPG

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

4bbec991a5ad18343b65d1b38fa4c1d3edafcfad25ccc5a122a9da51b3f5d070

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 05 Aug 2022 22:02:43 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 1176232
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 2022-membership-defconshirt.png
supporters.eff.org/donate/images/premium/25/ 80 KB
81 KB 164ms
163ms Image
image/png 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/images/premium/25/2022-membership-defconshirt.png

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

ec1c4d0b202f186d726a97c582d9eac8514af88da978eae4d7421b6dc7a4a55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 30 Jul 2022 20:33:27 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 82315
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Fuzzy-Extremely_3196.JPG
supporters.eff.org/donate/images/premium/20/ 1 MB
1 MB 162ms
162ms Image
image/jpeg 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/images/premium/20/Fuzzy-Extremely_3196.JPG

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

f501d53dffcabd35a14fc98557e1a383002369e3075a4409799a458415e4a55d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 05 Aug 2022 22:03:08 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 1099226
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK defcon_monogram_shirts.png
supporters.eff.org/donate/images/premium/20/ 148 KB
148 KB 234ms
234ms Image
image/png 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/images/premium/20/defcon_monogram_shirts.png

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

b0b008389fb345e5978872aae4d9781860343d824199b06be85bb2b5055dbee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Aug 2022 17:12:11 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 151562
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 2022-membership-defconshirt_pins.png
supporters.eff.org/donate/images/premium/26/ 152 KB
152 KB 223ms
223ms Image
image/png 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/images/premium/26/2022-membership-defconshirt_pins.png

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

bdaad88521e17ec4636b0d5f9fe2a45a477ab1f748ff2ccbeb20ead314e7f8d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 30 Jul 2022 23:33:59 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 155390
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 2022-membership-fuzzyshirt_pins.png
supporters.eff.org/donate/images/premium/36/ 207 KB
207 KB 164ms
163ms Image
image/png 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/images/premium/36/2022-membership-fuzzyshirt_pins.png

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

b32262390361b66dcc5bd0161470f38595c5294d32063bccdf1baa08d94e045e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Jul 2022 18:34:09 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 211641
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Hoodie_Front_and_Back_White_1200.jpg
supporters.eff.org/donate/images/premium/22/ 675 KB
676 KB 163ms
163ms Image
image/jpeg 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/images/premium/22/Hoodie_Front_and_Back_White_1200.jpg

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

4a97559805aed5316d4e2c8120562b58e6c06342ce2c3a98d50e3a2168356fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 06 Jul 2020 20:04:17 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 691547
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Back_Square_White_300.jpg
supporters.eff.org/donate/images/premium/22/ 77 KB
78 KB 165ms
164ms Image
image/jpeg 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/images/premium/22/Back_Square_White_300.jpg

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

20fa743d3b4279272a83134dd387ff44142ad81033e8520396ffeb13b06c5543

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 07 Jul 2020 18:00:04 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 79151
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 2022-GuardianMembership-Card-Shirt.jpg
supporters.eff.org/donate/images/premium/38/ 66 KB
66 KB 168ms
167ms Image
image/jpeg 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/images/premium/38/2022-GuardianMembership-Card-Shirt.jpg

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

c6bec14fdc88b32d33b434bf5a27e7b9ff27f9aa6e9f80df9502c51416bc5d35

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 25 Aug 2022 19:19:54 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 67230
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 2022-GuardianMembershipBundle.jpg
supporters.eff.org/donate/images/premium/37/ 209 KB
209 KB 163ms
162ms Image
image/jpeg 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/images/premium/37/2022-GuardianMembershipBundle.jpg

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

e830f611f3b93a2a53b343dcb2beba237ace11b168b83e5a0292ad088b91800d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 25 Aug 2022 19:20:53 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 213798
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cc-by-logo-27b8bc90586997cd048aa31c2338ce28ba2404aa76dc36fdca0a52f42c804ebf.png
supporters.eff.org/donate/assets/ 5 KB
5 KB 164ms
164ms Image
image/png 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/assets/cc-by-logo-27b8bc90586997cd048aa31c2338ce28ba2404aa76dc36fdca0a52f42c804ebf.png

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

27b8bc90586997cd048aa31c2338ce28ba2404aa76dc36fdca0a52f42c804ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/greetings--NDE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 18:43:38 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 4739
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK matomo.js Show response
anon-stats.eff.org/ 61 KB
61 KB 1720ms
326ms Script
application/javascript 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to

Full URL

https://anon-stats.eff.org/matomo.js

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

382843b96a3a0f2c2b38c583563caad12733ae44b4b5f1b97abe948fc461596f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self'; img-src 'self' data:; font-src 'self'; connect-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 15 Jan 2021 01:54:43 GMT
Server: nginx
ETag: "6000f5e3-f21c"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Content-Security-Policy: default-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' 'self'; style-src 'unsafe-inline' 'self'; img-src 'self' data:; font-src 'self'; connect-src 'self'
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Accept-Ranges: bytes
Content-Length: 61980
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK summer-site-donate-bg-a1887c55de0764af17dbed340d52ca2edc2f04ab5f4d9f4429c2e834859c3f2c.jpg
supporters.eff.org/donate/assets/ 45 KB
46 KB 631ms
330ms Image
image/jpeg 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/assets/summer-site-donate-bg-a1887c55de0764af17dbed340d52ca2edc2f04ab5f4d9f4429c2e834859c3f2c.jpg

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

a1887c55de0764af17dbed340d52ca2edc2f04ab5f4d9f4429c2e834859c3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Jun 2021 22:10:49 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 46296
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Montserrat-Light-263fdab8f1737fc885f6c9335f83c2c4b6babf21029fa8b32882b4e5245841f8.woff
supporters.eff.org/donate/assets/ 22 KB
23 KB 300ms
162ms Font
application/font-woff 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to

Full URL

https://supporters.eff.org/donate/assets/Montserrat-Light-263fdab8f1737fc885f6c9335f83c2c4b6babf21029fa8b32882b4e5245841f8.woff

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

263fdab8f1737fc885f6c9335f83c2c4b6babf21029fa8b32882b4e5245841f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css
Origin: https://supporters.eff.org
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 18:43:38 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 22964
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Montserrat-SemiBold-ac6a49550c1f39861772c79f9f867e79f3f6b59c633772d1a05cc5abec7619c9.woff
supporters.eff.org/donate/assets/ 31 KB
31 KB 464ms
163ms Font
application/font-woff 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to

Full URL

https://supporters.eff.org/donate/assets/Montserrat-SemiBold-ac6a49550c1f39861772c79f9f867e79f3f6b59c633772d1a05cc5abec7619c9.woff

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

ac6a49550c1f39861772c79f9f867e79f3f6b59c633772d1a05cc5abec7619c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css
Origin: https://supporters.eff.org
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 18:43:38 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 31232
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK LatoLatin-Regular-9c46f7929b08c87518aa7efbbf1601e485eeed829f149e3f01beb50120cdb3be.woff
supporters.eff.org/donate/assets/ 71 KB
71 KB 642ms
324ms Font
application/font-woff 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to

Full URL

https://supporters.eff.org/donate/assets/LatoLatin-Regular-9c46f7929b08c87518aa7efbbf1601e485eeed829f149e3f01beb50120cdb3be.woff

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

9c46f7929b08c87518aa7efbbf1601e485eeed829f149e3f01beb50120cdb3be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css
Origin: https://supporters.eff.org
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 18:43:38 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 72456
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Montserrat-Black-bd955e2e08638c8692c22985f6f04b298dbdf224f83f0759fa2532f3a6694dc7.woff
supporters.eff.org/donate/assets/ 20 KB
21 KB 484ms
165ms Font
application/font-woff 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to

Full URL

https://supporters.eff.org/donate/assets/Montserrat-Black-bd955e2e08638c8692c22985f6f04b298dbdf224f83f0759fa2532f3a6694dc7.woff

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

bd955e2e08638c8692c22985f6f04b298dbdf224f83f0759fa2532f3a6694dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css
Origin: https://supporters.eff.org
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 18:43:38 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 20780
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK radio-unselected-f0fc2350f7ed98541e14cc4320ecba6f2e3496498f262cabf2cbd15e2e3359ec.png
supporters.eff.org/donate/assets/ 1 KB
2 KB 164ms
163ms Image
image/png 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/assets/radio-unselected-f0fc2350f7ed98541e14cc4320ecba6f2e3496498f262cabf2cbd15e2e3359ec.png

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

f0fc2350f7ed98541e14cc4320ecba6f2e3496498f262cabf2cbd15e2e3359ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 18:43:38 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 1411
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK expand-5a066fa15672abb1dd615d09d9c11f4f5377a67e219e663f79f49d6959e216b4.png
supporters.eff.org/donate/assets/ 629 B
1 KB 167ms
167ms Image
image/png 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/assets/expand-5a066fa15672abb1dd615d09d9c11f4f5377a67e219e663f79f49d6959e216b4.png

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

5a066fa15672abb1dd615d09d9c11f4f5377a67e219e663f79f49d6959e216b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 08 Oct 2020 18:18:05 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 629
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK chevron-down-7e78b06a8cd380f1f652104b9d72450f7b33b0320920aee80a9d3bcfaafad4bf.png
supporters.eff.org/donate/assets/ 2 KB
2 KB 162ms
162ms Image
image/png 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/assets/chevron-down-7e78b06a8cd380f1f652104b9d72450f7b33b0320920aee80a9d3bcfaafad4bf.png

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

7e78b06a8cd380f1f652104b9d72450f7b33b0320920aee80a9d3bcfaafad4bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 18:43:38 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 1689
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK radio-selected-1517744e453bd4e52b70768ab643bf3ed4fcea9bc32a3c5a107a15a370f9e2f4.png
supporters.eff.org/donate/assets/ 2 KB
2 KB 165ms
165ms Image
image/png 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supporters.eff.org/donate/assets/radio-selected-1517744e453bd4e52b70768ab643bf3ed4fcea9bc32a3c5a107a15a370f9e2f4.png

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

1517744e453bd4e52b70768ab643bf3ed4fcea9bc32a3c5a107a15a370f9e2f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 18:43:38 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 1573
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Montserrat-Regular-8a0535c1c807198ae36f548da42ac7ccfe6639fd4ecc92cd84e06a02fdb28b4e.woff
supporters.eff.org/donate/assets/ 23 KB
23 KB 574ms
327ms Font
application/font-woff 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to

Full URL

https://supporters.eff.org/donate/assets/Montserrat-Regular-8a0535c1c807198ae36f548da42ac7ccfe6639fd4ecc92cd84e06a02fdb28b4e.woff

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),

Reverse DNS

vm1.eff.org

Software

nginx /

Resource Hash

8a0535c1c807198ae36f548da42ac7ccfe6639fd4ecc92cd84e06a02fdb28b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://supporters.eff.org/donate/assets/donate-2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f.css
Origin: https://supporters.eff.org
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 13:40:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 May 2020 18:43:38 GMT
Server: nginx
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff
X-Permitted-Cross-Domain-Policies: none
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 23148
X-XSS-Protection: 1; mode=block

GET
H2 200 / Show response
js.stripe.com/v3/ 326 KB
79 KB 142ms
19ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/?_=1661953237663

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/assets/donate-2e3c657e8c73e8dd3651917af0fde1230abff8b9efa0730fc43d565444ed33e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7d831769f296077006b3b10236c53139101796b4a0a5d2781bc11d0d4f3516e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://supporters.eff.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 50
x-cache: HIT
content-length: 80732
etag: "b7c642e144f1364ca89e0757b3014f9f"
x-request-id: e5580729-5ad8-4fe5-b821-a488209c46e3
x-served-by: cache-cdg20741-CDG
access-control-allow-origin: *
last-modified: Tue, 30 Aug 2022 21:23:13 GMT
server: Fastly
date: Wed, 31 Aug 2022 13:40:37 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18

GET
H2 200 controller-d48dde5d343a266f77051f3de5725dd4.html Show response
js.stripe.com/v3/ Frame FA59 297 B
607 B 19ms
19ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-d48dde5d343a266f77051f3de5725dd4.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?_=1661953237663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8fca3c4a3655cea1c3fa160d3c2721b5c134355ccf99e3d92307ca94526955b4

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://supporters.eff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 59
cache-control: max-age=60
content-encoding: br
content-length: 143
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 13:40:37 GMT
etag: "d48dde5d343a266f77051f3de5725dd4"
last-modified: Tue, 30 Aug 2022 20:46:00 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 25
x-content-type-options: nosniff
x-request-id: 6542b6e7-f1fe-4012-8b5e-82f4d043587f
x-served-by: cache-cdg20741-CDG

GET
H2 200 elements-inner-card-35bc1f25571cb02a212ab1b530373190.html Show response
js.stripe.com/v3/ Frame 7B36 756 B
1009 B 19ms
19ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-35bc1f25571cb02a212ab1b530373190.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?_=1661953237663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

33c50a8a3c4f7f5c476066a1cc9ccdd1b5b4a14483b75fba0099bab5d6dc5f46

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://supporters.eff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 60772
cache-control: max-age=31536000
content-encoding: br
content-length: 283
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 13:40:37 GMT
etag: "35bc1f25571cb02a212ab1b530373190"
last-modified: Tue, 30 Aug 2022 20:46:00 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4866
x-content-type-options: nosniff
x-request-id: 87dc022d-43fe-4654-9563-978fbf94ab9a
x-served-by: cache-cdg20741-CDG

GET
H2 200 payment-request-inner-google-pay-7ad6c6e233ecc39d970fecc2b61723fe.html Show response
js.stripe.com/v3/ Frame 5296 380 B
1 KB 20ms
19ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-7ad6c6e233ecc39d970fecc2b61723fe.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?_=1661953237663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5875bf8b1971ab816f8a2ba94d74242d5813dc870a099c31f213a417a3ecdd1a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://supporters.eff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5
cache-control: max-age=60
content-encoding: br
content-length: 174
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; font-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 13:40:37 GMT
etag: "7ad6c6e233ecc39d970fecc2b61723fe"
last-modified: Tue, 30 Aug 2022 20:46:11 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 77f34d5a-6037-4cdb-8dde-150416bc03d5
x-served-by: cache-cdg20741-CDG

POST
H2 200 csp-report
q.stripe.com/ Frame FA59 0
570 B 514ms
160ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-7690955da3699aa90df786728aba4127.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FA59 266 KB
62 KB 20ms
19ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d48dde5d343a266f77051f3de5725dd4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

16d6091f79a988b35a189aa18201f00d97eb52de33833e8ced419d1ac07d39ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/controller-d48dde5d343a266f77051f3de5725dd4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 23
x-cache: HIT
content-length: 63748
etag: "d743ec186214fa56c75e903f6b977a8a"
x-request-id: fa0dc559-d4c7-44a4-b66a-b780293031e3
x-served-by: cache-cdg20741-CDG
access-control-allow-origin: *
last-modified: Tue, 30 Aug 2022 20:46:11 GMT
server: Fastly
date: Wed, 31 Aug 2022 13:40:37 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14

GET
H2 200 controller-e2a3e984b820f7b2977b72842c266765.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FA59 376 KB
92 KB 26ms
26ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-e2a3e984b820f7b2977b72842c266765.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d48dde5d343a266f77051f3de5725dd4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5329023ba693da503a93c298346845e5c29d8c57a4184a71b38b1a646f6a3675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/controller-d48dde5d343a266f77051f3de5725dd4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 29
x-cache: HIT
content-length: 94291
etag: "3d1b602fbce3e1c4a73ee8fb650e104c"
x-request-id: 8875ec3e-b92a-4ded-b348-6ab54c76655c
x-served-by: cache-cdg20741-CDG
access-control-allow-origin: *
last-modified: Tue, 30 Aug 2022 20:46:09 GMT
server: Fastly
date: Wed, 31 Aug 2022 13:40:37 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18

POST
H2 200 csp-report
q.stripe.com/ Frame 7B36 0
570 B 511ms
161ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7B36 0
570 B 666ms
315ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 ui-shared-1104b2481ba0bac028499b76824b8032.css
js.stripe.com/v3/fingerprinted/css/ Frame 7B36 19 KB
3 KB 39ms
37ms Stylesheet
text/css 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1104b2481ba0bac028499b76824b8032.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-35bc1f25571cb02a212ab1b530373190.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-35bc1f25571cb02a212ab1b530373190.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 57
x-cache: HIT
content-length: 2761
etag: "ac79e433d75898d8e3712ae684cf6c65"
x-request-id: 4d3d78c4-1c16-4ee5-91c5-422415a22f36
x-served-by: cache-cdg20741-CDG
access-control-allow-origin: *
last-modified: Mon, 15 Aug 2022 20:16:55 GMT
server: Fastly
date: Wed, 31 Aug 2022 13:40:37 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

GET
H2 200 elements-inner-card-e027c43d873d66e9278cc45918746cfd.css
js.stripe.com/v3/fingerprinted/css/ Frame 7B36 6 KB
1 KB 44ms
43ms Stylesheet
text/css 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-e027c43d873d66e9278cc45918746cfd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-35bc1f25571cb02a212ab1b530373190.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9028691aaafdcbba25e0fc8e7867044e86dd25efad1f9edeb848499babfea23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-35bc1f25571cb02a212ab1b530373190.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 24
x-cache: HIT
content-length: 1064
etag: "43a62ceb376c398b56fffc38d8e8c10d"
x-request-id: 22fffed4-58ee-47f9-bf46-d3072e4aa92e
x-served-by: cache-cdg20741-CDG
access-control-allow-origin: *
last-modified: Mon, 29 Aug 2022 22:32:29 GMT
server: Fastly
date: Wed, 31 Aug 2022 13:40:37 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 shared-7690955da3699aa90df786728aba4127.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7B36 266 KB
62 KB 44ms
43ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-35bc1f25571cb02a212ab1b530373190.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

16d6091f79a988b35a189aa18201f00d97eb52de33833e8ced419d1ac07d39ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-35bc1f25571cb02a212ab1b530373190.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 23
x-cache: HIT
content-length: 63748
etag: "d743ec186214fa56c75e903f6b977a8a"
x-request-id: 18755af8-8788-4f74-8497-c4ba6d426bdc
x-served-by: cache-cdg20741-CDG
access-control-allow-origin: *
last-modified: Tue, 30 Aug 2022 20:46:11 GMT
server: Fastly
date: Wed, 31 Aug 2022 13:40:37 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15

GET
H2 200 ui-shared-16879db74ed0c90224c0eed95f78e13d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7B36 201 KB
58 KB 40ms
39ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-16879db74ed0c90224c0eed95f78e13d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-35bc1f25571cb02a212ab1b530373190.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

dc4dfa380d7552d3f99a6dc991a4149023c9def7dc1cdb169bc6f6dc122dad1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-35bc1f25571cb02a212ab1b530373190.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 26
x-cache: HIT
content-length: 59059
etag: "1dbf4c95df55b6107baa0850aa7229cf"
x-request-id: d7fbc3f1-588e-4c9c-b680-fe9fdd3ae742
x-served-by: cache-cdg20741-CDG
access-control-allow-origin: *
last-modified: Tue, 30 Aug 2022 20:46:11 GMT
server: Fastly
date: Wed, 31 Aug 2022 13:40:37 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 elements-inner-card-22fe8122f77ea8acb53c0b1e93a4da28.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7B36 53 KB
14 KB 39ms
38ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-22fe8122f77ea8acb53c0b1e93a4da28.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-35bc1f25571cb02a212ab1b530373190.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

771e7a8e4f3eac72f0a20eaaaaf1632a93803a2dc283fd539c0e9d8486a44ca0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-35bc1f25571cb02a212ab1b530373190.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 35
x-cache: HIT
content-length: 14126
etag: "56a4d4538c84dd4cbe9883f9868cb803"
x-request-id: d963143c-d85f-42ca-b154-34d5b4cb46c4
x-served-by: cache-cdg20741-CDG
access-control-allow-origin: *
last-modified: Tue, 30 Aug 2022 20:46:09 GMT
server: Fastly
date: Wed, 31 Aug 2022 13:40:37 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

POST
H2 200 csp-report
q.stripe.com/ Frame 5296 0
571 B 507ms
160ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 5296 0
570 B 663ms
316ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 5296 100 KB
33 KB 151ms
80ms Script
application/javascript 2a00:1450:4013:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7ad6c6e233ecc39d970fecc2b61723fe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97e5934d11b8de590972e72a1f4ee81a367b672c4db5ff1e2a39b9a18ad900b2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-eEFbXQtsmSypore2GJ1NZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-eEFbXQtsmSypore2GJ1NZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
expires: Wed, 31 Aug 2022 13:40:38 GMT

GET
H2 200 shared-7690955da3699aa90df786728aba4127.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5296 266 KB
62 KB 43ms
42ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7ad6c6e233ecc39d970fecc2b61723fe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

16d6091f79a988b35a189aa18201f00d97eb52de33833e8ced419d1ac07d39ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7ad6c6e233ecc39d970fecc2b61723fe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 23
x-cache: HIT
content-length: 63748
etag: "d743ec186214fa56c75e903f6b977a8a"
x-request-id: 10892555-e73b-4352-9760-80eeb33b5392
x-served-by: cache-cdg20741-CDG
access-control-allow-origin: *
last-modified: Tue, 30 Aug 2022 20:46:11 GMT
server: Fastly
date: Wed, 31 Aug 2022 13:40:37 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16

GET
H2 200 payment-request-inner-google-pay-bb508d318113f25433485dad8fb5b7ae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5296 14 KB
5 KB 52ms
52ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-bb508d318113f25433485dad8fb5b7ae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7ad6c6e233ecc39d970fecc2b61723fe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2f158b5aed21d628ff55edbfe22975b99d8784874f87bc390a0e23165fef6d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7ad6c6e233ecc39d970fecc2b61723fe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 11
x-cache: HIT
content-length: 4841
etag: "1ebc13e5db15b3845c9be761b6e13123"
x-request-id: e9970278-046d-41d9-a791-6de078117204
x-served-by: cache-cdg20741-CDG
access-control-allow-origin: *
last-modified: Tue, 30 Aug 2022 20:46:10 GMT
server: Fastly
date: Wed, 31 Aug 2022 13:40:37 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 1489-8b86da401d493fc7478fbafda5019691.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FA59 231 KB
47 KB 20ms
19ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/1489-8b86da401d493fc7478fbafda5019691.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-e2a3e984b820f7b2977b72842c266765.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/controller-d48dde5d343a266f77051f3de5725dd4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 26
x-cache: HIT
content-length: 47921
etag: "ab675b71d19378124fcdf3c0f6dad353"
x-request-id: 923a0c0f-e4f8-429c-86e2-28f548650b2f
x-served-by: cache-cdg20741-CDG
access-control-allow-origin: *
last-modified: Tue, 16 Aug 2022 18:07:37 GMT
server: Fastly
date: Wed, 31 Aug 2022 13:40:38 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16

GET
H2 200 phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FA59 2 KB
898 B 20ms
20ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-e2a3e984b820f7b2977b72842c266765.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/controller-d48dde5d343a266f77051f3de5725dd4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 41
x-cache: HIT
content-length: 770
etag: "f1717e2e478c68d16ccd7b37768700be"
x-request-id: 987e7757-1e8f-48a2-81ef-72d52c6056df
x-served-by: cache-cdg20741-CDG
access-control-allow-origin: *
last-modified: Mon, 15 Aug 2022 20:17:03 GMT
server: Fastly
date: Wed, 31 Aug 2022 13:40:38 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame FA59 474 B
604 B 58ms
19ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

645bc586199198eb8146b1c898134eda0b5119f9676168b2384c6b7c9932eef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-d48dde5d343a266f77051f3de5725dd4.html
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
content-encoding: br
vary: Accept-Encoding
age: 41
x-cache: HIT
content-length: 294
x-request-id: 99ffdb1c-85ce-4595-bc36-d93c1f62045e
x-served-by: cache-cdg20728-CDG
access-control-allow-origin: *
last-modified: Tue, 30 Aug 2022 21:23:34 GMT
server: Fastly
etag: "1a524881234b67909bccc96d896ca72b"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 652ms
319ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 653ms
321ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 803ms
471ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 653ms
321ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 649ms
318ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 649ms
318ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 650ms
319ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
128 B 647ms
317ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 650ms
320ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 648ms
318ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 648ms
319ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 649ms
320ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 649ms
320ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 799ms
471ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 800ms
472ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 649ms
321ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame D9FC 18 KB
8 KB 78ms
77ms Document
text/html 2a00:1450:4013:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eca72c765c2994f406396697d17b053af0de6aed4ace8d2e029ebadd35f64641

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-LfDakv7utxb-1DPijc1MYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-LfDakv7utxb-1DPijc1MYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy: same-site
date: Wed, 31 Aug 2022 13:40:38 GMT
expires: Wed, 31 Aug 2022 13:40:38 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame D9FC 2 KB
2 KB 27ms
26ms Other
text/html 2a00:1450:4013:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj... Frame D9FC 153 KB
55 KB 91ms
27ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjrtUJfqdXnIyHGrMMOLGpcj_iHOg/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

338d8c8f1490051e1428c3eb099a5301292f6183991921bb23c7aabaf8e87f84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 16:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55184
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 03:20:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 16:31:27 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.PtH... Frame D9FC 78 KB
28 KB 82ms
28ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.PtHoOSvAx38.L.B1.O/am=B4A/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrjwVFSsiu5kAJo2wJroOUYm-zCjVQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjrtUJfqdXnIyHGrMMOLGpcj_iHOg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edec94ccde1fe3436664bf0dc1469bc15496b95cea53316b3114276efeb37fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 16:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28905
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 03:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 16:39:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame D9FC 49 KB
20 KB 87ms
26ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.PtHoOSvAx38.L.B1.O/am=B4A/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrjwVFSsiu5kAJo2wJroOUYm-zCjVQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2318
date: Wed, 31 Aug 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 31 Aug 2022 15:02:00 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame D9FC 1 MB
352 KB 77ms
77ms XHR
text/html 2a00:1450:4013:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjrtUJfqdXnIyHGrMMOLGpcj_iHOg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a6aefdd150c9bd182e4dcdade29aafb75457007ddb6e3d65f59b880de845eaa

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-_dECcZpnbmGE1QNobI_yrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date: Wed, 31 Aug 2022 13:40:38 GMT
x-frame-options: DENY
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-_dECcZpnbmGE1QNobI_yrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
expires: Wed, 31 Aug 2022 13:40:38 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.PtH... Frame D9FC 18 KB
7 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.PtHoOSvAx38.L.B1.O/am=B4A/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrjwVFSsiu5kAJo2wJroOUYm-zCjVQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjrtUJfqdXnIyHGrMMOLGpcj_iHOg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcdcda221bb883f5127c7112ca5d3a6fe2c03ad71e63cd742cd8215706fd9eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 16:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7388
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 03:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 16:39:24 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.PtH... Frame D9FC 37 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.PtHoOSvAx38.L.B1.O/am=B4A/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrjwVFSsiu5kAJo2wJroOUYm-zCjVQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjrtUJfqdXnIyHGrMMOLGpcj_iHOg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c72681effed0c4f7d656cd6d89773d33808a525f54fc20a4c9bd6517678ceea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 16:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14142
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 03:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 16:39:24 GMT

POST
H3 200 log Show response
play.google.com/ Frame D9FC 131 B
155 B 116ms
62ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjrtUJfqdXnIyHGrMMOLGpcj_iHOg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 31 Aug 2022 13:40:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 119ms
59ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 31 Aug 2022 13:40:38 GMT
expires: Wed, 31 Aug 2022 13:40:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D9FC 131 B
155 B 116ms
63ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjrtUJfqdXnIyHGrMMOLGpcj_iHOg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 31 Aug 2022 13:40:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 114ms
59ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 31 Aug 2022 13:40:38 GMT
expires: Wed, 31 Aug 2022 13:40:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D9FC 131 B
155 B 116ms
64ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjrtUJfqdXnIyHGrMMOLGpcj_iHOg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 31 Aug 2022 13:40:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 112ms
60ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 31 Aug 2022 13:40:38 GMT
expires: Wed, 31 Aug 2022 13:40:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D9FC 131 B
155 B 117ms
64ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjrtUJfqdXnIyHGrMMOLGpcj_iHOg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 31 Aug 2022 13:40:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 107ms
60ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 31 Aug 2022 13:40:38 GMT
expires: Wed, 31 Aug 2022 13:40:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D9FC 131 B
155 B 115ms
63ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjrtUJfqdXnIyHGrMMOLGpcj_iHOg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 31 Aug 2022 13:40:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 102ms
59ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 31 Aug 2022 13:40:38 GMT
expires: Wed, 31 Aug 2022 13:40:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D9FC 131 B
155 B 110ms
61ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjrtUJfqdXnIyHGrMMOLGpcj_iHOg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 31 Aug 2022 13:40:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 101ms
65ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 31 Aug 2022 13:40:38 GMT
expires: Wed, 31 Aug 2022 13:40:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 243ms
243ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 243ms
243ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 242ms
242ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:38 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 log Show response
play.google.com/ Frame D9FC 131 B
671 B 121ms
62ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Cr9Opnkn4Lo.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjrtUJfqdXnIyHGrMMOLGpcj_iHOg/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 31 Aug 2022 13:40:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 31 Aug 2022 13:40:38 GMT

POST
H/1.1 204
No Response matomo.php
anon-stats.eff.org/ 0
0 241ms
240ms Ping
text/html 173.239.79.196
UNWIRED

General

Check archive.org

Show headers Download Go to

Full URL: https://anon-stats.eff.org/matomo.php?action_name=Defend%20Privacy%20and%20Free%20Speech%20%7C%20Electronic%20Frontier%20Foundation&idsite=43&rec=1&r=052468&h=13&m=40&s=39&url=https%3A%2F%2Fsupporters.eff.org%2Fdonate%2Fgreetings--NDE&_id=e6673331171f3f55&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=HW1z1P&pf_net=754&pf_srv=343&pf_tfr=3&pf_dm1=729
Requested by: Host: anon-stats.eff.org
URL: https://anon-stats.eff.org/matomo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.239.79.196 Sausalito, United States, ASN32354 (UNWIRED, US),
Reverse DNS: vm1.eff.org
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://supporters.eff.org/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H2 200 m-outer-0123a3e8f28425bea4dc5ecea9ce657b.html Show response
js.stripe.com/v3/ Frame 6BE0 186 B
842 B 19ms
19ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-0123a3e8f28425bea4dc5ecea9ce657b.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?_=1661953237663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7e3a8d8b689dde07bf9f25459a81757fa19f2a18fa788a190bb65dd4a9552919

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://supporters.eff.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 60801
cache-control: max-age=31536000
content-encoding: br
content-length: 114
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 13:40:39 GMT
etag: "0123a3e8f28425bea4dc5ecea9ce657b"
last-modified: Tue, 30 Aug 2022 20:46:11 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 35616
x-content-type-options: nosniff
x-request-id: d3b9d86d-d694-45da-836d-964dd7986c29
x-served-by: cache-cdg20741-CDG

POST
H2 200 0 Show response
r.stripe.com/ Frame FA59 0
127 B 162ms
161ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7690955da3699aa90df786728aba4127.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 31 Aug 2022 13:40:39 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame 6BE0 0
570 B 160ms
160ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Aug 2022 13:40:39 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6BE0 0
570 B 159ms
159ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Aug 2022 13:40:39 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-314b66fb24b65b43d1030b87357546eb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6BE0 526 B
535 B 19ms
19ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-314b66fb24b65b43d1030b87357546eb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-0123a3e8f28425bea4dc5ecea9ce657b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/m-outer-0123a3e8f28425bea4dc5ecea9ce657b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 26
x-cache: HIT
content-length: 256
etag: "d96c709017743c0759cf3853d1806ba5"
x-request-id: 4c1c1c70-33dc-467b-b5c6-65858d1c579b
x-served-by: cache-cdg20741-CDG
access-control-allow-origin: *
last-modified: Tue, 30 Aug 2022 20:46:10 GMT
server: Fastly
date: Wed, 31 Aug 2022 13:40:39 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 65

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 4337 930 B
2 KB 173ms
35ms Document
text/html 2600:9000:206e:c800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-314b66fb24b65b43d1030b87357546eb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206e:c800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 10
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 13:40:30 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
x-amz-cf-id: dpQGqo0hTL4c9nCJg0OVXp3pgE6dAXdzUUVQWysuovBZ3bkYYg_6lA==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 4337 0
344 B 160ms
159ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: supporters.eff.org
URL: https://supporters.eff.org/donate/greetings--NDE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 13:40:39 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 4337 86 KB
14 KB 41ms
41ms Script
text/javascript 2600:9000:206e:c800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206e:c800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
age: 292
date: Wed, 31 Aug 2022 13:35:52 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 3eIcJy2CUY-95y3Y9gbvJn3Po0Zo6G6qdp1p7flQTqkjHCk4dMUnKw==
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"

POST
H2 200 6 Show response
m.stripe.com/ Frame 4337 156 B
522 B 539ms
181ms XHR
application/json 54.149.23.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.149.23.244 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-149-23-244.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

acd90056c2b711caf887edc00bb5521e1b10e68b7bdd1836a94e3b64bb42b6d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 31 Aug 2022 13:40:40 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
businessdatasol.com/	1969-12-31 23:59:59	Name: mwsid Value: 9889cd4d2a092f0172904a0069d46272
supporters.eff.org/	1969-12-31 23:59:59	Name: _donate_session Value: VHljU1lIV3NLd1BleHJZRVBSY2grM29YZ1YwMWFEVlRuek5TM0N1UHpFTWFYYmtxVmErWmsvYlpHakFrNG14dS9FdG5qRU5HTlp1MGUxT05Bb2x4dzk3RmxXczdmN2RoVXpCK3k1Z3o4QklqTmtGQ2ZGcWgySnlRNVlKd3c5QUtSYVNaejVOcEZFWUlSa2ppOEN0NFRSUHdTUUo5Q0Q0QTFDY1p2WTdSYzgxVlI0ZUQ2WU5weE1odXRaS29tNm5FcWRzcklHQ2VlT1A0RGwwQzFtcGZYQnRTMU9vTFhCdFhObWRSUHJSSnRwbz0tLXpvZnJKWkdEaDFWMTFHTFZYK0k3TEE9PQ%3D%3D--3c4896c614330ec11be822d2f9dd23af583b14f3
.google.com/	1970-01-20 10:02:44	Name: NID Value: 511=LVk1fLd8gfnQJt8nglRpFmUBUjZ4tAZwfX2FWGVW-fJl_bWC2MKQ5_XjSEynzwfos3BmPpg3hBoBxfciSthZw17ewl6nu7_bgJbSDIztVoD1nVtooYobByMdwuox4Umvx6UKwayYaSwPMDrGMJ28kN5o4O4hSo5KmnGUi06Ce8U
supporters.eff.org/	1970-01-20 15:05:08	Name: _pk_id.43.617c Value: e6673331171f3f55.1661953240.
supporters.eff.org/	1970-01-20 05:39:15	Name: _pk_ses.43.617c Value: 1
m.stripe.com/	1970-01-20 15:15:13	Name: m Value: 8cac150a-c0e5-400d-b249-c51bfdd6ec15d84808
.supporters.eff.org/	1970-01-20 14:24:49	Name: __stripe_mid Value: 0d973898-c9ef-4cd3-ad70-772997b9a3492059d4
.supporters.eff.org/	1970-01-20 05:39:15	Name: __stripe_sid Value: d4e0984b-4f3a-4b4d-8feb-12b9d244065ab1af29

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anon-stats.eff.org
businessdatasol.com
eff.org
js.stripe.com
m.stripe.com
m.stripe.network
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
supporters.eff.org
www.eff.org
www.google-analytics.com
www.gstatic.com
151.101.64.176
173.239.79.196
2600:9000:206e:c800:19:7d10:bd80:93a1
2606:4700:3030::6815:384a
2a00:1450:4001:801::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4013:c00::5c
2a04:4e42:400::201
54.149.23.244
54.187.119.242
54.187.159.182
1517744e453bd4e52b70768ab643bf3ed4fcea9bc32a3c5a107a15a370f9e2f4
16d6091f79a988b35a189aa18201f00d97eb52de33833e8ced419d1ac07d39ac
20fa743d3b4279272a83134dd387ff44142ad81033e8520396ffeb13b06c5543
263fdab8f1737fc885f6c9335f83c2c4b6babf21029fa8b32882b4e5245841f8
2764cd8c14949418340f70481e4c7853af4c00e33a32f9914ba070961b394f1f
27b8bc90586997cd048aa31c2338ce28ba2404aa76dc36fdca0a52f42c804ebf
2e3c657e8c73e8dd3651917af0fde1230abff8b9efa0730fc43d565444ed33e3
2f158b5aed21d628ff55edbfe22975b99d8784874f87bc390a0e23165fef6d26
338d8c8f1490051e1428c3eb099a5301292f6183991921bb23c7aabaf8e87f84
33c50a8a3c4f7f5c476066a1cc9ccdd1b5b4a14483b75fba0099bab5d6dc5f46
369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429
382843b96a3a0f2c2b38c583563caad12733ae44b4b5f1b97abe948fc461596f
38988407620a6f74a9d5a4dc0579b3fe8db0c689323cbbc38d93bbd6a2dc52b4
3a6aefdd150c9bd182e4dcdade29aafb75457007ddb6e3d65f59b880de845eaa
3befaa33ed42aaceaf4aa8c9f096341dbeaf2c2c011be1e79fb72453c6a95631
3c72681effed0c4f7d656cd6d89773d33808a525f54fc20a4c9bd6517678ceea
3ec4e5df4a1f7a6cf6eed10505edb3ec832f6dc5b4557efc2737b7097f07c075
4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175
4a97559805aed5316d4e2c8120562b58e6c06342ce2c3a98d50e3a2168356fb3
4bbec991a5ad18343b65d1b38fa4c1d3edafcfad25ccc5a122a9da51b3f5d070
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5329023ba693da503a93c298346845e5c29d8c57a4184a71b38b1a646f6a3675
5875bf8b1971ab816f8a2ba94d74242d5813dc870a099c31f213a417a3ecdd1a
5a066fa15672abb1dd615d09d9c11f4f5377a67e219e663f79f49d6959e216b4
5a07d5031f8aa1931c71229dc9b77ecf545708eea04d1fbedbfad16fefb7bd91
645bc586199198eb8146b1c898134eda0b5119f9676168b2384c6b7c9932eef4
6f44096f5accf771bbe7ea77ead7ae352f8fa801ce7e26735174687df7118c7a
771e7a8e4f3eac72f0a20eaaaaf1632a93803a2dc283fd539c0e9d8486a44ca0
774807e7b83672f0cc75740aa6dc8ee6338335345ec188eb2dcc190935c68299
7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56
7b10496bdf8e2c9e8d375c033bc9b3ca46ce9347104d7ff19203b9f8141a1c26
7d831769f296077006b3b10236c53139101796b4a0a5d2781bc11d0d4f3516e4
7e3a8d8b689dde07bf9f25459a81757fa19f2a18fa788a190bb65dd4a9552919
7e78b06a8cd380f1f652104b9d72450f7b33b0320920aee80a9d3bcfaafad4bf
8a0535c1c807198ae36f548da42ac7ccfe6639fd4ecc92cd84e06a02fdb28b4e
8fca3c4a3655cea1c3fa160d3c2721b5c134355ccf99e3d92307ca94526955b4
9028691aaafdcbba25e0fc8e7867044e86dd25efad1f9edeb848499babfea23a
97e5934d11b8de590972e72a1f4ee81a367b672c4db5ff1e2a39b9a18ad900b2
9c46f7929b08c87518aa7efbbf1601e485eeed829f149e3f01beb50120cdb3be
a0056a85386ded242c8e43314a359e947fbcff87960a66202e3fd9f8247e9bbc
a1887c55de0764af17dbed340d52ca2edc2f04ab5f4d9f4429c2e834859c3f2c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ac6a49550c1f39861772c79f9f867e79f3f6b59c633772d1a05cc5abec7619c9
acd90056c2b711caf887edc00bb5521e1b10e68b7bdd1836a94e3b64bb42b6d9
b0b008389fb345e5978872aae4d9781860343d824199b06be85bb2b5055dbee0
b32262390361b66dcc5bd0161470f38595c5294d32063bccdf1baa08d94e045e
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bd955e2e08638c8692c22985f6f04b298dbdf224f83f0759fa2532f3a6694dc7
bdaad88521e17ec4636b0d5f9fe2a45a477ab1f748ff2ccbeb20ead314e7f8d2
c6bec14fdc88b32d33b434bf5a27e7b9ff27f9aa6e9f80df9502c51416bc5d35
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dc4dfa380d7552d3f99a6dc991a4149023c9def7dc1cdb169bc6f6dc122dad1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e830f611f3b93a2a53b343dcb2beba237ace11b168b83e5a0292ad088b91800d
ec1c4d0b202f186d726a97c582d9eac8514af88da978eae4d7421b6dc7a4a55f
eca72c765c2994f406396697d17b053af0de6aed4ace8d2e029ebadd35f64641
edec94ccde1fe3436664bf0dc1469bc15496b95cea53316b3114276efeb37fab
f0fc2350f7ed98541e14cc4320ecba6f2e3496498f262cabf2cbd15e2e3359ec
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f501d53dffcabd35a14fc98557e1a383002369e3075a4409799a458415e4a55d
fcdcda221bb883f5127c7112ca5d3a6fe2c03ad71e63cd742cd8215706fd9eb7

supporters.eff.org Open in urlscan Pro 173.239.79.196 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

100 %HTTPS

58 %IPv6

7 Domains

14 Subdomains

10 IPs

3 Countries

6860 kBTransfer

9954 kBSize

8 Cookies

11 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

supporters.eff.org Open in urlscan Pro
173.239.79.196 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

100 %
HTTPS

58 %
IPv6

7
Domains

14
Subdomains

10
IPs

3
Countries

6860 kB
Transfer

9954 kB
Size

8
Cookies

104 HTTP transactions
0 data transactions