donate.shatterproof.org Open in urlscan Pro
2606:4700::6812:1084 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.email.shatterproof.org/?qs=6e65e6a12da44fc519ea175295a9e75a352930834c1ecf7457f16fa35ebaecbcab1cb412b88ffbf9ba037b4eb8da...
Effective URL:
https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=...
Submission: On January 05 via api (January 5th 2023, 9:22:10 pm UTC) from US — Scanned from DE

Summary HTTP 147 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 21 domains to perform 147 HTTP transactions. The main IP is 2606:4700::6812:1084, located in United States and belongs to CLOUDFLARENET, US. The main domain is donate.shatterproof.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 22nd 2022. Valid for: a year.

This is the only time donate.shatterproof.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.18.12 13.111.18.12	22606 (EXACT-7) (EXACT-7)
6	2606:4700::68... 2606:4700::6812:1084	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2.18.233.206 2.18.233.206	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.96.109.67 23.96.109.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
20	108.138.7.81 108.138.7.81	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.101 65.9.66.101	16509 (AMAZON-02) (AMAZON-02)
1	34.195.130.113 34.195.130.113	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
1	65.9.66.91 65.9.66.91	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:400d:80d::200e	15169 (GOOGLE) (GOOGLE)
1	99.86.4.91 99.86.4.91	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.15.82 18.66.15.82	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
17	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
10	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c07::5c	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400d:806::2004	15169 (GOOGLE) (GOOGLE)
1	54.78.116.173 54.78.116.173	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223e:ce00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
24	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	54.187.232.234 54.187.232.234	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400d:80c::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
1	2a04:4e42:400... 2a04:4e42:400::291	54113 (FASTLY) (FASTLY)
147	34

1 13.111.18.12 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.s10.exacttarget.com

click.email.shatterproof.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1084 (United States)

ASN13335 (CLOUDFLARENET, US)

donate.shatterproof.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-206.deploy.static.akamaitechnologies.com

acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.96.109.67 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 108.138.7.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-81.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-101.fra56.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.130.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-130-113.compute-1.amazonaws.com

apps.4sitestudios.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-91.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-91.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-82.vie50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.116.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-116-173.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223e:ce00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.232.234 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-232-234.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	stripe.com js.stripe.com — Cisco Umbrella Rank: 2684 q.stripe.com — Cisco Umbrella Rank: 24056 r.stripe.com — Cisco Umbrella Rank: 8560 m.stripe.com — Cisco Umbrella Rank: 2418	594 KB
22	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2261 t.paypal.com — Cisco Umbrella Rank: 3169 c.paypal.com — Cisco Umbrella Rank: 5919 b.stats.paypal.com — Cisco Umbrella Rank: 5647 dub.stats.paypal.com — Cisco Umbrella Rank: 22405 c6.paypal.com — Cisco Umbrella Rank: 7454	336 KB
20	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4057 pay.google.com — Cisco Umbrella Rank: 4359 www.google.com — Cisco Umbrella Rank: 16 play.google.com — Cisco Umbrella Rank: 78	400 KB
7	shatterproof.org 1 redirects click.email.shatterproof.org donate.shatterproof.org	77 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
4	gstatic.com www.gstatic.com	102 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	233 B
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1181 vars.hotjar.com — Cisco Umbrella Rank: 1235 in.hotjar.com — Cisco Umbrella Rank: 2246	74 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	217 KB
4	rackcdn.com acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com — Cisco Umbrella Rank: 183202	389 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2207	33 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 3020	16 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3658	564 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 179	377 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	157 KB
2	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 28978	81 KB
2	doublethedonation.com doublethedonation.com — Cisco Umbrella Rank: 93813	112 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 981	396 B
1	t.co t.co — Cisco Umbrella Rank: 633	377 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1013	15 KB
1	4sitestudios.com apps.4sitestudios.com	2 KB
147	21

	Domain	Requested by
24	r.stripe.com	js.stripe.com
20	js.stripe.com	donate.shatterproof.org js.stripe.com
13	play.google.com	www.gstatic.com
12	www.paypal.com	donate.shatterproof.org www.paypal.com www.paypalobjects.com
10	q.stripe.com	donate.shatterproof.org
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	donate.shatterproof.org	donate.shatterproof.org acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
5	c.paypal.com	www.paypal.com c.paypal.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	www.facebook.com	donate.shatterproof.org
4	pay.google.com	js.stripe.com pay.google.com donate.shatterproof.org www.gstatic.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net
4	acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com	donate.shatterproof.org
2	t.paypal.com	donate.shatterproof.org
2	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.google.de	donate.shatterproof.org
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.googletagmanager.com	donate.shatterproof.org www.googletagmanager.com
2	cdn.plaid.com	donate.shatterproof.org cdn.plaid.com
2	doublethedonation.com	donate.shatterproof.org
1	c6.paypal.com
1	dub.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	m.stripe.com	m.stripe.network
1	in.hotjar.com	script.hotjar.com
1	www.google.com	donate.shatterproof.org
1	analytics.twitter.com	donate.shatterproof.org
1	t.co	donate.shatterproof.org
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	apps.4sitestudios.com	donate.shatterproof.org
1	click.email.shatterproof.org	1 redirects
147	36

This site contains links to these domains. Also see Links.

Domain
www.shatterproof.org

Subject Issuer	Validity	Valid
donate.shatterproof.org Cloudflare Inc ECC CA-3	`2022-05-22` - `2023-05-22`	a year	crt.sh
*.ssl.cf5.rackcdn.com DigiCert SHA2 Secure Server CA	`2022-01-30` - `2023-01-31`	a year	crt.sh
doublethedonation.com Sectigo ECC Domain Validation Secure Server CA	`2022-06-03` - `2023-07-04`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-12-15` - `2024-01-11`	a year	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2022-03-08` - `2023-04-08`	a year	crt.sh
apps.4sitestudios.com R3	`2022-12-19` - `2023-03-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-15` - `2023-01-13`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2022-10-13` - `2023-11-13`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
Frame ID: A8722622611F83DE3C715994E55672CA
Requests: 54 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 93EF471B4C641E4F29688BBAAF357A69
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-6246a97a95e513ed50ad01c47f77a5b4.html
Frame ID: E164E5F2DCEC49EC7686554743EF7D8D
Requests: 29 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-d09d8c5d7f542e5226aee0b4dbeb855e.html
Frame ID: 2A3F32F7E649C177D495C0F50F599888
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-2f5cd4473953a43dd5f00e2c9308b134.html
Frame ID: AE97D625D9E1E559B2F4CE8F33A15494
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: FBD9B6C95E02ECBD28BC7FC485CE1CFA
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: FD976156EBC425EE47ABEE56E0C68EED
Requests: 4 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 324407707A5F4DD1CD80D18495B4A28B
Requests: 14 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRnSmV4OERnNU1qdGwwOENld2FMdFRCcmR0N0V4UjduMHhZMjFsWUhpSVBiT20ySjVKWmVXcnlGbUd6RndCaWpmdE9LSWNHcFFfZkYzcU8mZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0JmVuYWJsZS1mdW5kaW5nPXZlbm1vJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2pwbG5hZWx0eGRycnp6d2lzaWxkYmp6endxeGRwbiJ9fQ&clientID=AdgJex8Dg5Mjtl08CewaLtTBrdt7ExR7n0xY21lYHiIPbOm2J5JZeWryFmGzFwBijftOKIcGpQ_fF3qO&sdkCorrelationID=03a72a4a095b3&storageID=uid_860d7bbf07_mje6mji6mdu&sessionID=uid_f3cb23386a_mje6mji6mdu&buttonSessionID=uid_f0af9fdb08_mje6mji6mdu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: B2E4408AD3FFC624EF84C0D8041B5166
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 18F2320AF848136BDAA6568AC7E28BD6
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-f9f47b0137ff304f8efc2960ac8ec744.html
Frame ID: 1B0B8AE955E9DF9B7091D90FEF1F41F4
Requests: 9 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: CD936B701BF93201700FD6FFAC463A48
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 8B41BFFD13A4AB9FBA0793CEFE1DB4F4
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f3cb23386a_mje6mji6mdu&s=SMART_PAYMENT_BUTTONS
Frame ID: A9B6AC285002B45E165F363294D8F869
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to Shatterproof | Shatterproof - Reversing the Addiction Crisis in the U.S.

Page URL History Show full URLs

http://click.email.shatterproof.org/?qs=6e65e6a12da44fc519ea175295a9e75a352930834c1ecf7457f16fa35ebaecbcab1cb412... HTTP 302
https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&... Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

147
Requests

99 %
HTTPS

41 %
IPv6

21
Domains

36
Subdomains

34
IPs

6
Countries

2627 kB
Transfer

8806 kB
Size

33
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.shatterproof.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.email.shatterproof.org/?qs=6e65e6a12da44fc519ea175295a9e75a352930834c1ecf7457f16fa35ebaecbcab1cb412b88ffbf9ba037b4eb8da793905185441986fa269406f0ee9c98de478 HTTP 302
https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 135

https://b.stats.paypal.com/v2/counter.cgi?p=uid_f3cb23386a_mje6mji6mdu&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f3cb23386a_mje6mji6mdu&s=SMART_PAYMENT_BUTTONS

147 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1 Show response
donate.shatterproof.org/page/45836/donate/
Redirect Chain

http://click.email.shatterproof.org/?qs=6e65e6a12da44fc519ea175295a9e75a352930834c1ecf7457f16fa35ebaecbcab1cb412b88ffbf9ba037b4eb8da793905185441986fa269406f0ee9c98de478
https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://dona...

65 KB
12 KB

638ms
553ms

Document
text/html

2606:4700::6812:1084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1084 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f98d8c43b740b592595e0c21098a62187049498f6b304cb423fb24dcec4c835

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 784f445e3d979040-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html
date: Thu, 05 Jan 2023 21:22:03 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains

Redirect headers

Cache-Control: private
Content-Length: 365
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Jan 2023 21:22:02 GMT
Location: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
X-Cnection: close

GET
H/1.1 200
OK engrid.min.css
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10089/ 400 KB
49 KB 127ms
20ms Stylesheet
text/css 2.18.233.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10089/engrid.min.css?7
Requested by: Host: donate.shatterproof.org
URL: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: efec8346d9ccae4738cfc4434a2ee2e6937716eecbabd9481bd768fc1cd8bbd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 21:22:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2022 16:01:50 GMT
ETag: e64e209c3364a6dcdd461f40d6e87773
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
X-Timestamp: 1667491309.52696
Cache-Control: public, max-age=857
X-Object-Meta-Enid: 1667491309324
Accept-Ranges: bytes
Connection: keep-alive, Transfer-Encoding
X-Trans-Id: tx583baad97eeb4299bf41f-0063b73f7biad3
Expires: Thu, 05 Jan 2023 21:36:20 GMT

GET
H2 200 enPage.css
donate.shatterproof.org/pageassets/css/ 45 KB
9 KB 32ms
31ms Stylesheet
text/css 2606:4700::6812:1084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.shatterproof.org/pageassets/css/enPage.css?v=4.0.0

Requested by

Host: donate.shatterproof.org
URL: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1084 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3164c6a1238073e973cf4b7d73c539736de5933498279bb75a501dce944ff96

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:03 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 14:40:30 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1800
cf-ray: 784f4461bc3d9040-FRA
expires: Thu, 05 Jan 2023 21:52:03 GMT

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ 145 KB
20 KB 426ms
180ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: donate.shatterproof.org
URL: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b4cb861c0a96921bd708714737d480605c5328b0be8f182c8865ca12e8b694d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:03 GMT
content-encoding: br
last-modified: Tue, 03 Jan 2023 18:31:03 GMT
server: nginx
etag: "63b47467-4ffe"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=600;
content-length: 20478

GET
H2 200 pagedata.js Show response
donate.shatterproof.org/page/45836/ 4 KB
1 KB 429ms
428ms Script
text/javascript 2606:4700::6812:1084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.shatterproof.org/page/45836/pagedata.js?locale=en-US&ea.profile.id=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1084 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30700269f140fbe469badd761cedb051d77f95895b4d7381c6d305043b92aad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 784f4461bc3f9040-FRA
content-type: text/javascript

GET
H2 200 enPage.js Show response
donate.shatterproof.org/pageassets/js/ 181 KB
54 KB 576ms
575ms Script
application/javascript 2606:4700::6812:1084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.shatterproof.org/pageassets/js/enPage.js?v=4.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1084 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bdbd136f32337863d6f54a918c6e0124b7af78a503c109711b6b4f28039126c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:03 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 14:40:30 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 784f4461bc409040-FRA
expires: Thu, 05 Jan 2023 21:52:03 GMT

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ 431 KB
92 KB 466ms
221ms Script
text/javascript 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: donate.shatterproof.org
URL: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 284566894edf74d4218651b8deba4618d26f57b1f075a6d11831554e5a32d16a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:03 GMT
content-encoding: br
last-modified: Tue, 03 Jan 2023 18:31:02 GMT
server: nginx
etag: "63b47466-16eaa"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=600;
content-length: 93866

GET
H2 200 / Show response
js.stripe.com/v3/ 414 KB
100 KB 50ms
10ms Script
text/javascript 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

82619e72ea24127d88a954ecc399c1fdcaba555050dbc8445e8aebe93269560d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 21:21:46 GMT
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 18
x-cache: Hit from cloudfront
last-modified: Thu, 05 Jan 2023 21:03:55 GMT
server: Cloudfront
etag: W/"a8eda20e33d5d2265190a9242c8e7e3d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: SXvheVt1efPnqVQvr7owx3pLDGZ2EeQWMWD0QX0s7XjUsHcRYG4GbQ==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 108 KB
37 KB 78ms
29ms Script
application/javascript 65.9.66.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: donate.shatterproof.org
URL: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 560c84329bfb0e89f1bcac58ea5d100297fa46fea69229ca66c62a8066d232f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 15:42:54 GMT
x-amz-version-id: 6cs1M7QIwWPXWGAw7IfImTGGFE8Dr0GX
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-request-id: QC3YF6WPX9CB7G1T
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
age: 20350
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: 8KoqQxpD52svoFZV06OtDxzrz4HcM9yyaQPYmU8wNxpEFnCyUmQqKa4FY2sK0sb7mJAafR8QO1Y=
last-modified: Thu, 05 Jan 2023 15:17:24 GMT
server: AmazonS3
etag: W/"1e5846a86da39e61edb627c82b588e05"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: uuCVxILOKHc5l8vfxeOYnkQ_b63hrQDDdAO4jFIgiAvCfcIdU5T65w==

GET
H/1.1 200
OK shatterproof-logo-for-donation-form-500x110.gif
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10089/ 6 KB
6 KB 314ms
301ms Image
image/gif 2.18.233.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10089/shatterproof-logo-for-donation-form-500x110.gif?v=1668523555000
Requested by: Host: donate.shatterproof.org
URL: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3fef45dde6feffaea476a17513892c8a5c179a90c4df67e3c5685da68f19ab83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 21:22:04 GMT
Last-Modified: Tue, 15 Nov 2022 14:45:56 GMT
ETag: 67bf7ac5a32caf92e5b2d0fc9ee78de9
Content-Type: image/gif
X-Timestamp: 1668523555.78312
Cache-Control: public, max-age=858
X-Object-Meta-Enid: 1668523555594
Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 5966
X-Trans-Id: tx7c4bb8ffef1e48759d03d-0063b73f7biad3
Expires: Thu, 05 Jan 2023 21:36:22 GMT

GET
H/1.1 200
OK we-are-the-proof-people-donation-form.png
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10089/ 272 KB
272 KB 187ms
174ms Image
image/png 2.18.233.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10089/we-are-the-proof-people-donation-form.png?v=1668189378000
Requested by: Host: donate.shatterproof.org
URL: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a4122afc209635938c0a39a89e9aa3843d0c82139eebb98bcd6e201cb4371b13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 21:22:03 GMT
Last-Modified: Mon, 14 Nov 2022 17:32:10 GMT
ETag: ee0c70a32dc9118485e2ba71e4402adf
Content-Type: image/png
X-Timestamp: 1668447129.36950
Cache-Control: public, max-age=900
X-Object-Meta-Enid: 1668447129156
Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 278494
X-Trans-Id: tx0b94a34c70144dbf8ff21-0063b73f7biad3
Expires: Thu, 05 Jan 2023 21:37:03 GMT

GET
H/1.1 200
OK engrid.min.js Show response
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10089/ 248 KB
61 KB 141ms
141ms Script
application/x-javascript 2.18.233.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10089/engrid.min.js
Requested by: Host: donate.shatterproof.org
URL: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9b137c618412b1987ab557737d18b2ae47b62f0837e484fa18c8eaff9aa1bd1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 21:22:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2022 16:01:52 GMT
ETag: d07990ce862d1fceacf58fe88050ca2c
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
X-Timestamp: 1667491311.47752
Cache-Control: public, max-age=900
X-Object-Meta-Enid: 1667491311281
Accept-Ranges: bytes
Connection: keep-alive, Transfer-Encoding
X-Trans-Id: tx9e83b0adec2e44f7a3849-0063b70d2diad3
Expires: Thu, 05 Jan 2023 21:37:03 GMT

GET
H/1.1 200
OK tidycontact-canary.js Show response
apps.4sitestudios.com/tidycontact/ 5 KB
2 KB 455ms
99ms Script
application/javascript 34.195.130.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.4sitestudios.com/tidycontact/tidycontact-canary.js
Requested by: Host: donate.shatterproof.org
URL: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.130.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-130-113.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: fd360a87d7ade83d735b87cbcbcbf132728c06704a05cee46e73ecd411f62edb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 21:28:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Aug 2022 04:58:28 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "1529-5e6cd4c742792-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2029

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1452/ 0
45 KB 7ms
7ms Other
application/javascript 65.9.66.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1452/link-dynamic-loader.js
Requested by: Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 15:42:55 GMT
x-amz-version-id: kDxCp6zE5ULR.FcXCeFaUAc9wm.2Gh44
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 20349
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 05 Jan 2023 15:17:24 GMT
server: AmazonS3
etag: W/"13b766a9904abebc7c1651a272216663"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
x-amz-cf-id: lFVZnHs5qu_4Xvgsg1zb5Rpbd7m2df7V1AXrnYRuS_sfu5FB26s3ig==

GET
DATA 200
OK truncated
/ 173 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c938ae1915ded12935a495124582831423abc198c3005f6433f309e1c5bfc4b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 574 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89503e24dedcf15d007e9170a55be5fe332471da9272f1340a5589c76c4beaa2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 243 KB
81 KB 152ms
66ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TWDK4TG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

729a7745f5e6c1e8cb537206c3e0d5430ace92ec3c63e6fe0e3e8a7449b08681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82793
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Jan 2023 21:22:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 105 KB
27 KB 24ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWDK4TG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cba8862bc0eeff77ab390c0669021b95055e809f226aa0e7dc438d79e3ad399f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 21:22:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27613
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: gL7JSSAzUKVOkRb1z8y9z7tuzxgcO4ULLF0yBwyEdQO14UEY2/cSSTvvLrWJvougTeOAxzNzkSWtLL1vB/J7TQ==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 100ms
27ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWDK4TG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:04 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6331-VIE

GET
H2 200 hotjar-1838095.js Show response
static.hotjar.com/c/ 8 KB
4 KB 70ms
41ms Script
application/javascript 65.9.66.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1838095.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWDK4TG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-91.fra56.r.cloudfront.net

Software

Resource Hash

72b8cd2b3610e96095372247cb9006e05f9d8266a22b0fc9716c132969b4b319

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
etag: W/6d69adef4ac5a3aec61334195d82c4f4
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 5Aq-eU-OZcncGcnATe2xUoDv8Ixb4lDsBFyLPgfjZH2mxy9S7ix84w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 91ms
21ms Script
text/javascript 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWDK4TG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 20:27:14 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3290
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 05 Jan 2023 22:27:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
76 KB 60ms
59ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LCP7PTS89G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWDK4TG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2b3741f54b45562bbf1ea37d94c79d0a358ec96eb311cb069fb633294a3205c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77415
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 21:22:04 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
21 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.91

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 21:22:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: KhQZVbu5GPsQ/JjCadWCAaH4kqM8I31mrqhw3uAb7EPedCQpQuE8hRf/hQz/TakqGKpTC4QoWc5WkVrd273Lnw==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 424086877946695 Show response
connect.facebook.net/signals/config/ 294 KB
85 KB 143ms
142ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/424086877946695?v=2.9.91&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5fea16b87d30f0203ab59b04bd7fa8728007e9dff816ea113985887ed1284b46

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 21:22:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 9cebhW754g8xPQV9wOgQx7BjG+2EUzr+JZpKy8q3vkYlufZpopDRacJcn2PrNNlYpSFNaBg00pL6gGVoMU7SxQ==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.352fddba5b21bbfc3a08.js Show response
script.hotjar.com/ 264 KB
68 KB 58ms
7ms Script
application/javascript 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1838095.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

Resource Hash

6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1257299
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68894
last-modified: Thu, 22 Dec 2022 08:06:23 GMT
etag: "3256c76707175033b83ffe82f89b32ec"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: HNlDdQhX_gMaBCqXHAbDZvcDa_1S1rJIIhBFxCrrrCaXFJQD_8uabQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
352 B 35ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LCP7PTS89G&gtm=2oe120&_p=1838688983&_gaz=1&cid=1551151615.1672953724&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1672953724&sct=1&seg=0&dl=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&dt=Donate%20to%20Shatterproof%20%7C%20Shatterproof%20-%20Reversing%20the%20Addiction%20Crisis%20in%20the%20U.S.&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_path=%2Fpage%2F45836%2Fdonate%2F1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCP7PTS89G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 21:22:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.shatterproof.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
352 B 48ms
18ms Ping
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LCP7PTS89G&cid=1551151615.1672953724&gtm=2oe120&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCP7PTS89G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 21:22:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.shatterproof.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 111ms
46ms Image
image/gif 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LCP7PTS89G&cid=1551151615.1672953724&gtm=2oe120&aip=1&z=1493248465

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 21:22:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame 93EF 2 KB
1 KB 89ms
17ms Document
text/html 18.66.15.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1838095.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-82.vie50.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://donate.shatterproof.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3744718
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 62f2a061e41be90ceddd231b5157117c.cloudfront.net (CloudFront)
x-amz-cf-id: LvQoEN1memo3DB5MbEEjgExrdiBqO7PqomDpaV7cHphmlf-0n1CX7g==
x-amz-cf-pop: VIE50-P1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 adsct
t.co/i/ 43 B
377 B 313ms
112ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=45fc14fc-eef8-41df-a8f5-d7dac8febbe2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ae39567b-f111-46e0-a013-c556e2ceee11&tw_document_href=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o329v&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 05 Jan 2023 21:22:04 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c5af5838e57370dd
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f7f23e9a6066a842039fd4b5ff81d5757e10924e76bce34a93bfdd11d7c3df3a
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 139ms
117ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=45fc14fc-eef8-41df-a8f5-d7dac8febbe2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ae39567b-f111-46e0-a013-c556e2ceee11&tw_document_href=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o329v&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 109
date: Thu, 05 Jan 2023 21:22:04 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 28fa384345476c82
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 3b557faf9faee531273bc5e2a75da4615ab6ab825fdf90a3b212bd87fd559d69
content-length: 43

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 92ms
44ms XHR
text/plain 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1838688983&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&ul=en-us&de=UTF-8&dt=Donate%20to%20Shatterproof%20%7C%20Shatterproof%20-%20Reversing%20the%20Addiction%20Crisis%20in%20the%20U.S.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=553940146&gjid=2025506546&cid=1551151615.1672953724&tid=UA-37548047-3&_gid=748929414.1672953724&_r=1&gtm=2wg120TWDK4TG&z=26304688

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.shatterproof.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 21:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.shatterproof.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pagedata Show response
donate.shatterproof.org/page/45836/donate/1/ 223 B
542 B 469ms
469ms XHR
application/json 2606:4700::6812:1084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.shatterproof.org/page/45836/donate/1/pagedata

Requested by

Host: donate.shatterproof.org
URL: https://donate.shatterproof.org/pageassets/js/enPage.js?v=4.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1084 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ef5374a08b93b61f28bad4341b68aef695272f63a708f77234509994139fc2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/javascript
Referer: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Jan 2023 21:22:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 784f44690e729040-FRA
content-type: application/json

GET
H2 200 js Show response
www.paypal.com/sdk/ 304 KB
90 KB 469ms
424ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AdgJex8Dg5Mjtl08CewaLtTBrdt7ExR7n0xY21lYHiIPbOm2J5JZeWryFmGzFwBijftOKIcGpQ_fF3qO&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort&enable-funding=venmo&currency=USD

Requested by

Host: donate.shatterproof.org
URL: https://donate.shatterproof.org/pageassets/js/enPage.js?v=4.0.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35A6) /

Resource Hash

e22ade9eadba98e54c8c8d2dec56b3af9a1f99b4a489f554a57f15224a620a17

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-om218+hg7ms2n/sFI9FtZkFX9K9IGEqDAp2A8VmHOBrdfkBB' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-om218+hg7ms2n/sFI9FtZkFX9K9IGEqDAp2A8VmHOBrdfkBB' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-om218+hg7ms2n/sFI9FtZkFX9K9IGEqDAp2A8VmHOBrdfkBB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-om218+hg7ms2n/sFI9FtZkFX9K9IGEqDAp2A8VmHOBrdfkBB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: true
paypal-debug-id: 014a896111473
server-timing: traceparent;desc="00-0000000000000000000014a896111473-7ae993365fbe019f-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 90977
x-xss-protection: 1; mode=block
server: ECAcc (lhd/35A6)
traceparent: 00-0000000000000000000014a896111473-0c3d54ec04549217-01
etag: W/"16361-okF2p53LHPvJNUrVd88hCy1KoJ0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
timing-allow-origin: *

GET
H2 200 controller-6246a97a95e513ed50ad01c47f77a5b4.html Show response
js.stripe.com/v3/ Frame E164 325 B
1 KB 9ms
9ms Document
text/html 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-6246a97a95e513ed50ad01c47f77a5b4.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

664f99ac307aee38222e1213baa527ffef8fdcd0ab06520e5733802b5b4e23f6

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.shatterproof.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 53
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 21:21:12 GMT
etag: "6246a97a95e513ed50ad01c47f77a5b4"
last-modified: Thu, 05 Jan 2023 20:35:57 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-id: 0lz6uKtpWLbpxXPLRWs6vBT1ll1vPI8qNsAy_Q9KKFDgnkfQ8ghAyg==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-d09d8c5d7f542e5226aee0b4dbeb855e.html Show response
js.stripe.com/v3/ Frame 2A3F 408 B
1 KB 9ms
8ms Document
text/html 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-d09d8c5d7f542e5226aee0b4dbeb855e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

558ca78c0b9a3f4fa2ffcea24b30432c4723b363930cdc7b84c3b503184f8950

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.shatterproof.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2173
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 20:45:51 GMT
etag: "d09d8c5d7f542e5226aee0b4dbeb855e"
last-modified: Thu, 05 Jan 2023 20:36:07 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-id: DkwBN4eh5yLOAnP1BJSOgcC41M9jkE7MINniu3FsXIbaR23_fQoeFQ==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-2f5cd4473953a43dd5f00e2c9308b134.html Show response
js.stripe.com/v3/ Frame AE97 344 B
1 KB 9ms
9ms Document
text/html 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-2f5cd4473953a43dd5f00e2c9308b134.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

46560761ac120ebbf9a1a1ca68ce1d7120c25ef1a3cae8a1d122656ca7268d7e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.shatterproof.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 34
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 21:22:04 GMT
etag: "2f5cd4473953a43dd5f00e2c9308b134"
last-modified: Thu, 05 Jan 2023 20:36:07 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-id: wQ4uW06S4Wq7X1Ms7p9j5w0Dc4gQs8CrrDMJDOc8FYUFTfFmQkuwXw==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame FBD9 200 B
1 KB 9ms
9ms Document
text/html 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.shatterproof.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2461
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 21:20:17 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-id: dc63blSM5sAtFDqsb6kwVhF2r_7zc_ZnnwJBdEXm9o6pt1N1yYSEWQ==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 trace Show response
donate.shatterproof.org/cdn-cgi/ 332 B
415 B 11ms
11ms Fetch
text/plain 2606:4700::6812:1084
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.shatterproof.org/cdn-cgi/trace

Requested by

Host: acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10089/engrid.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1084 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c09cb2eb74a80a217dab9d843e4c21ad4255cb4d394891a01d60364a22c00030

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 784f446c5b6d9040-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 51ms
20ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-37548047-3&cid=1551151615.1672953724&jid=553940146&gjid=2025506546&_gid=748929414.1672953724&_u=YADAAEAAAAAAACAAI~&z=629929464

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.shatterproof.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Jan 2023 21:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.shatterproof.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame E164 0
571 B 756ms
360ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-b7a6587fe63dc9eff336a5a49ba29dfe.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E164 294 KB
66 KB 9ms
9ms Script
text/javascript 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-6246a97a95e513ed50ad01c47f77a5b4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

54cd41fcf2c58ceed967bfccbe2c8704e0b817159a328e2f521642522542136d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-6246a97a95e513ed50ad01c47f77a5b4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 20:37:34 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 2671
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Thu, 05 Jan 2023 20:36:07 GMT
server: Cloudfront
etag: W/"1365a5360c06f86922e64126b691ed04"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: zLJBqgbxpGNmcTEvCLUUBYrCtGsC6iZNrtT8vcBJKWVKx3hKfAa5mw==

GET
H2 200 controller-6f74256f6411380feccc22f87365e78c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E164 454 KB
110 KB 10ms
10ms Script
text/javascript 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-6f74256f6411380feccc22f87365e78c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-6246a97a95e513ed50ad01c47f77a5b4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

833ff33a960f1d3b6a3fa614a4cecddbe373f455caced1d1a5a7ccaff59ca240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-6246a97a95e513ed50ad01c47f77a5b4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 20:37:34 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 2671
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Thu, 05 Jan 2023 20:36:05 GMT
server: Cloudfront
etag: W/"b3de9869b71592bc0beeba10f366a95e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5pIvsRg966Qqaw8JmbhobBVhDoMvNjwj-hhEHTSAz4NZzEMPL51TSw==

POST
H2 200 csp-report
q.stripe.com/ Frame 2A3F 0
571 B 795ms
401ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 42
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2A3F 0
571 B 794ms
401ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 42
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 2A3F 104 KB
33 KB 112ms
64ms Script
application/javascript 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d09d8c5d7f542e5226aee0b4dbeb855e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51e4b766a3e61185a115ecb5116ebd2bd21e5f31f23a3aece42a0b8efc32ec43

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vVurIyM4_qMSLTXDa_EQNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-vVurIyM4_qMSLTXDa_EQNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 05 Jan 2023 21:22:04 GMT

GET
H2 200 shared-b7a6587fe63dc9eff336a5a49ba29dfe.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2A3F 294 KB
66 KB 13ms
13ms Script
text/javascript 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d09d8c5d7f542e5226aee0b4dbeb855e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

54cd41fcf2c58ceed967bfccbe2c8704e0b817159a328e2f521642522542136d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-d09d8c5d7f542e5226aee0b4dbeb855e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 20:37:34 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 2671
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Thu, 05 Jan 2023 20:36:07 GMT
server: Cloudfront
etag: W/"1365a5360c06f86922e64126b691ed04"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: bfS9qq3lc3gIveZOPLjWBAsX6UMEBQJhx8LIw-YUDdpHJteNefWwLw==

GET
H2 200 payment-request-inner-google-pay-99c838869f70f67523541090efd453da.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2A3F 9 KB
4 KB 8ms
8ms Script
text/javascript 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-99c838869f70f67523541090efd453da.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d09d8c5d7f542e5226aee0b4dbeb855e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e32865f477d26c0d291c4e95cf15e60c281cbb59fbe29f56b022f4847eb978c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-d09d8c5d7f542e5226aee0b4dbeb855e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 20:38:12 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 2633
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Thu, 05 Jan 2023 20:36:07 GMT
server: Cloudfront
etag: W/"d3c561efa04f10680a8183e01abf7035"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: nzJdkSK-m-oANqeaJ1Gra__lRi5F2MzF3NOy_eV6-SGGPJT516gyxQ==

GET
H3 200 113794056660136 Show response
connect.facebook.net/signals/config/ 294 KB
84 KB 260ms
258ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/113794056660136?v=2.9.91&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d53ef05d3988c43ace3004d6f9167cce321dc86598eeee0f328192b7145ca9a9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 21:22:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: DdJd3msKmtLkNF3Dyo84wck69AdNNUO6wx6EJSIOZwKUHaPvJjZ1Ml0sz2w8y+A/uytP5gTg+rzQsRc412Fryw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 36ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=424086877946695&ev=PageView&dl=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&rl=&if=false&ts=1672953724912&sw=1600&sh=1200&v=2.9.91&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1672953724911.1818126724&it=1672953724161&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 21:22:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame AE97 0
571 B 771ms
390ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 32
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame AE97 0
570 B 742ms
361ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-b7a6587fe63dc9eff336a5a49ba29dfe.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AE97 294 KB
66 KB 10ms
8ms Script
text/javascript 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-2f5cd4473953a43dd5f00e2c9308b134.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

54cd41fcf2c58ceed967bfccbe2c8704e0b817159a328e2f521642522542136d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-2f5cd4473953a43dd5f00e2c9308b134.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 20:37:34 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 2671
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Thu, 05 Jan 2023 20:36:07 GMT
server: Cloudfront
etag: W/"1365a5360c06f86922e64126b691ed04"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: eUdI-vED24lZjb2a6kSLgHmZp9sXWcBZPiAw1VWTyzyq9aJb9MC8ZA==

GET
H2 200 payment-request-inner-browser-62b851077f9da9acc452dca532fa7672.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AE97 11 KB
5 KB 12ms
10ms Script
text/javascript 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-62b851077f9da9acc452dca532fa7672.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-2f5cd4473953a43dd5f00e2c9308b134.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b94eb502e26770c9d54de519d7225c016d31cf33584446e77dbaefae9d7dfb13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-2f5cd4473953a43dd5f00e2c9308b134.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 20:37:35 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 2670
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Thu, 05 Jan 2023 20:36:07 GMT
server: Cloudfront
etag: W/"143881bdb912f2223ebc11f7378e2f5e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 9Yh9ihnZEGa9v0hW5npI50nqxNupOM_3Qs4u5HH5cgMoqMmFfb-KaQ==

POST
H2 200 csp-report
q.stripe.com/ Frame FBD9 0
571 B 777ms
400ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 41
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame FBD9 0
571 B 777ms
400ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 41
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FBD9 631 B
1 KB 10ms
8ms Script
text/javascript 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 05 Jan 2023 20:50:12 GMT
x-content-type-options: nosniff
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2301
x-cache: Hit from cloudfront
content-length: 631
last-modified: Wed, 21 Dec 2022 18:20:44 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FpfZHFc_E3hbY8EDqv8Pt4X_uiG1oMhZFJLokSphwAvcwtGELbmrZQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 115ms
48ms Image
image/gif 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-37548047-3&cid=1551151615.1672953724&jid=553940146&_u=YADAAEAAAAAAACAAI~&z=1570439425

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 21:22:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 103ms
49ms Image
image/gif 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-37548047-3&cid=1551151615.1672953724&jid=553940146&_u=YADAAEAAAAAAACAAI~&z=1570439425

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 21:22:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1838095/ 148 B
322 B 102ms
34ms XHR
application/json 54.78.116.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1838095/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.116.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-116-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5

Request headers

Referer: https://donate.shatterproof.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 inner.html Show response
m.stripe.network/ Frame FD97 930 B
2 KB 54ms
8ms Document
text/html 2600:9000:223e:ce00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:ce00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 200
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 21:18:46 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-id: WdWrAwb12gWAh-w6zj355gMuBeGI0D4nf0qRU7ZK3f0bucn-NqM_2w==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E164 474 B
863 B 23ms
8ms Fetch
application/json 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-81.fra56.r.cloudfront.net
Software: Cloudfront /
Resource Hash: ef8dc2a4877410a429b2c9a84de199ed2ff4581dde063c740e7d28ca887ddb7c

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-6246a97a95e513ed50ad01c47f77a5b4.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Jan 2023 21:22:00 GMT
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 21:04:43 GMT
server: Cloudfront
x-amz-cf-pop: FRA56-P6
age: 6
etag: "afadb66f80bf77ee8d89283b8994f468"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: s-EA-zgBZAxD9lUJJ7n5eN7ngR2f64Xmq3IRi1vMpsVtYAm1u1wJYg==

POST
H2 200 csp-report
q.stripe.com/ Frame FD97 0
345 B 671ms
395ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 35
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame FD97 86 KB
14 KB 9ms
9ms Script
text/javascript 2600:9000:223e:ce00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:ce00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 21:18:55 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 190
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: -X89OtzxA6GH1-lJ5ATVGq0e0ACaEhvSjejPBOuW6yrHvIuX-Ojrtw==

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 735ms
358ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 735ms
359ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 735ms
359ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 734ms
358ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 735ms
359ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 734ms
359ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 736ms
361ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
128 B 732ms
358ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 734ms
360ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 736ms
362ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 734ms
361ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 734ms
361ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 734ms
362ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 733ms
360ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 3244 18 KB
7 KB 105ms
71ms Document
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0658bad580f01029674c73756d13b09dfd074d171ecb205fa6d0365469f92f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vr2gMmq1leVavsNBg75c-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-vr2gMmq1leVavsNBg75c-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 05 Jan 2023 21:22:05 GMT
expires: Thu, 05 Jan 2023 21:22:05 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame FD97 156 B
522 B 648ms
207ms XHR
application/json 54.187.232.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.232.234 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-232-234.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e9d4c5d0666527da083327f26fb2fa36485f794de264e75be5ef48eece9aa91f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 3244 2 KB
2 KB 17ms
16ms Other
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: donate.shatterproof.org
URL: https://donate.shatterproof.org/page/45836/donate/1?utm_source=Non-Donor&ea.tracking.id=22EOY-em17-thankyou&ea.campaigner.email=K8rzGc%2Bz%2FlySKIZqtJvehaeeM77yxbyr79T%2BgEUJXTY%3D&URL=https://donate.shatterproof.org/page/45836/donate/1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.lzQGS9_E6Jw.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame 3244 153 KB
55 KB 90ms
23ms Script
text/javascript 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.lzQGS9_E6Jw.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh3mWFzQBdq7LtEwKF6NUvKP-FbrA/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5eeeed7433a9972da142a874a7df409dbb6fc36885fc1bfa8b6aadb374d401d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55283
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:32:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 17:45:44 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 17ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=113794056660136&ev=PageView&dl=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&rl=&if=false&ts=1672953725193&sw=1600&sh=1200&v=2.9.91&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1672953724911.1818126724&it=1672953724161&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 21:22:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.lzQGS9_E6Jw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_... Frame 3244 69 KB
25 KB 81ms
26ms Script
text/javascript 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.lzQGS9_E6Jw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_UCJhd8oY.L.B1.O/am=zAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrikvL2pIccN8kwzzHM7gOwhfxjP4w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.lzQGS9_E6Jw.es5.O/am=zAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh3mWFzQBdq7LtEwKF6NUvKP-FbrA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bad4817f7a43732724e27b898b457e4c5eb150c108359675b886daf603cc73e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26066
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:32:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 17:45:45 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 3244 1 MB
355 KB 71ms
71ms XHR
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaeee814de1a93fb11b64056f88a8cbf8705af722f59c330e970b46bd3130fa1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-0zJfDB-5AJ3hPVAm6Re3ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-0zJfDB-5AJ3hPVAm6Re3ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 05 Jan 2023 21:22:05 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=424086877946695&ev=Microdata&dl=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&rl=&if=false&ts=1672953725438&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20to%20Shatterproof%20%7C%20Shatterproof%20-%20Reversing%20the%20Addiction%20Crisis%20in%20the%20U.S.%22%2C%22meta%3Adescription%22%3A%22Shatterproof%20is%20a%20national%20nonprofit%20organization%20dedicated%20to%20transforming%20addiction%20treatment%2C%20ending%20stigma%2C%20and%20supporting%20communities.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%221%20in%2010%20Americans%20report%20having%20resolved%20a%20substance%20use%20disorder%20in%20their%20lifetime.%20%22%2C%22og%3Adescription%22%3A%22The%20overdose%20epidemic%20is%20making%20headlines%2C%20but%20what%20about%20all%20of%20those%20who%20are%20entering%20recovery%3F%20This%20month%2C%20we%E2%80%99re%20celebrating%20everyone%20who%20has%20taken%20the%20first%20step%20to%20begin%20their%20recovery%20journey.%20Give%20a%20gift%20today%20to%20celebrate%20those%20in%20recovery%20and%20help%20thousands%20who%20are%20still%20living%20with%20addiction.%20%5Cn%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Facb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com%2F10089%2FEN_Guy%2BOpening%2BCurtain.jpg%3Fv%3D1651862172000%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Flocale%3Den-US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.91&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1672953724911.1818126724&it=1672953724161&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 21:22:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
5 KB 26ms
26ms Script
application/x-javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=donate.shatterproof.org&t=xo&v=5.0.344&source=payments_sdk&client_id=AdgJex8Dg5Mjtl08CewaLtTBrdt7ExR7n0xY21lYHiIPbOm2J5JZeWryFmGzFwBijftOKIcGpQ_fF3qO&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdgJex8Dg5Mjtl08CewaLtTBrdt7ExR7n0xY21lYHiIPbOm2J5JZeWryFmGzFwBijftOKIcGpQ_fF3qO&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort&enable-funding=venmo&currency=USD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/358F) /

Resource Hash

55e882b39c09c243b18cee29c0de7767ade5c6fd160dc5610e402ee66888a338

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-tLmIej+wXWgeAPcHoIsWFrLhKuPv6/R9/jXKBG3FNf60To1P' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-tLmIej+wXWgeAPcHoIsWFrLhKuPv6/R9/jXKBG3FNf60To1P' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 3981
x-cache: HIT
paypal-debug-id: 030a20b387a3b
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Jan 2023 20:15:45 GMT
server: ECAcc (lhd/358F)
traceparent: 00-0000000000000000000030a20b387a3b-e338b05cc659bc04-01
etag: W/"354d-0U/y1TZOP+QgixYleMMmiVnybgE"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame B2E4 381 KB
98 KB 479ms
478ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRnSmV4OERnNU1qdGwwOENld2FMdFRCcmR0N0V4UjduMHhZMjFsWUhpSVBiT20ySjVKWmVXcnlGbUd6RndCaWpmdE9LSWNHcFFfZkYzcU8mZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0JmVuYWJsZS1mdW5kaW5nPXZlbm1vJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2pwbG5hZWx0eGRycnp6d2lzaWxkYmp6endxeGRwbiJ9fQ&clientID=AdgJex8Dg5Mjtl08CewaLtTBrdt7ExR7n0xY21lYHiIPbOm2J5JZeWryFmGzFwBijftOKIcGpQ_fF3qO&sdkCorrelationID=03a72a4a095b3&storageID=uid_860d7bbf07_mje6mji6mdu&sessionID=uid_f3cb23386a_mje6mji6mdu&buttonSessionID=uid_f0af9fdb08_mje6mji6mdu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/371B) /

Resource Hash

ca76fa7d6560d92382a2a04e2c0c3d0bcc035141ffb115de6b6a6441c008b33f

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://donate.shatterproof.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 21:22:05 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5f2e6-8jrg8bNMhoHhASWITgZRUCC3Pfc"
p3p: true
paypal-debug-id: 0a19a6b4063a6
server: ECAcc (lhd/371B)
server-timing: traceparent;desc="00-00000000000000000000a19a6b4063a6-e048a5fe78dbde27-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000a19a6b4063a6-6ebb7503356073e0-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 18F2 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.lzQGS9_E6Jw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_... Frame 3244 23 KB
9 KB 25ms
25ms Script
text/javascript 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.lzQGS9_E6Jw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_UCJhd8oY.L.B1.O/am=zAAg/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrikvL2pIccN8kwzzHM7gOwhfxjP4w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d795b9d0bcf61da39c36e3a8294e9c67940a5ac7c7b173bc1ee23a538383a0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9225
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:32:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 17:45:46 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.lzQGS9_E6Jw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_... Frame 3244 35 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.lzQGS9_E6Jw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.T0_UCJhd8oY.L.B1.O/am=zAAg/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrikvL2pIccN8kwzzHM7gOwhfxjP4w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

791f63b3e64d32c66a3e3108403d64e3577826cb1e1f31a2e0b00892245d81e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 17:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13482
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:32:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 17:45:46 GMT

POST
H3 200 log Show response
play.google.com/ Frame 3244 131 B
155 B 59ms
43ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 21:22:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 78ms
40ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 05 Jan 2023 21:22:05 GMT
expires: Thu, 05 Jan 2023 21:22:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3244 131 B
155 B 77ms
76ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 21:22:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 112ms
76ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 05 Jan 2023 21:22:05 GMT
expires: Thu, 05 Jan 2023 21:22:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3244 131 B
155 B 56ms
55ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 21:22:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 111ms
75ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 05 Jan 2023 21:22:05 GMT
expires: Thu, 05 Jan 2023 21:22:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3244 131 B
155 B 77ms
76ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 21:22:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 110ms
76ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 05 Jan 2023 21:22:05 GMT
expires: Thu, 05 Jan 2023 21:22:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3244 131 B
155 B 80ms
79ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 21:22:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 109ms
76ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 05 Jan 2023 21:22:05 GMT
expires: Thu, 05 Jan 2023 21:22:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1017 B
2 KB 252ms
251ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/3586) /

Resource Hash

3366ae6ec68dc45af16577c69c450c206445cc4fe269ce3501b87c3cddc051c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://donate.shatterproof.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 09642a80377b9
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 609
server: ECAcc (lhd/3586)
traceparent: 00-000000000000000000009642a80377b9-b8c5ee0d1e329dc3-01
etag: W/"3f9-36Q+KaLqJmttwajXG/HvhcV76Io"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://donate.shatterproof.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 228ms
208ms Preflight 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35FE) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://donate.shatterproof.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://donate.shatterproof.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 05 Jan 2023 21:22:05 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: 0a712b1071080
server: ECAcc (lhd/35FE)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000a712b1071080-042f0cd2af2dd6f7-01
x-content-type-options: nosniff

POST
H3 200 log Show response
play.google.com/ Frame 3244 131 B
155 B 78ms
77ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 21:22:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 98ms
76ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 05 Jan 2023 21:22:05 GMT
expires: Thu, 05 Jan 2023 21:22:05 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 255ms
255ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 257ms
257ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 186ms
7ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=donate.shatterproof.org&t=xo&v=5.0.344&source=payments_sdk&client_id=AdgJex8Dg5Mjtl08CewaLtTBrdt7ExR7n0xY21lYHiIPbOm2J5JZeWryFmGzFwBijftOKIcGpQ_fF3qO&vault=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 84840867de170
dc: ccg11-origin-www-1.paypal.com
content-length: 16464
x-served-by: cache-sjc10081-SJC, cache-hhn-etou8220078-HHN
last-modified: Tue, 03 May 2022 17:28:29 GMT
x-timer: S1672953726.696568,VS0,VE0
etag: W/"6271663d-da91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1004776, 182751

GET
H2 200 ts
t.paypal.com/ 42 B
826 B 375ms
197ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ABJJEGWVMNKXCA-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ABJJEGWVMNKXCA-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=ad05f3ef-ad4d-45ca-a3a9-c55188f00c09&fltp=analytics&mrid=BJJEGWVMNKXCA&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donate%20to%20Shatterproof%20%7C%20Shatterproof%20-%20Reversing%20the%20Addiction%20Crisis%20in%20the%20U.S.&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1672953725520&g=0&completeurl=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 05 Jan 2023 21:22:05 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 3dd2113166e8b
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn-etou8220052-HHN
pragma: no-cache
traceparent: 00-00000000000000000003dd2113166e8b-b8cda8802d5779ff-01
x-timer: S1672953726.696304,VS0,VE170
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 21:22:05 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 424ms
424ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 423ms
422ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 elements-inner-payment-request-f9f47b0137ff304f8efc2960ac8ec744.html Show response
js.stripe.com/v3/ Frame 1B0B 820 B
2 KB 10ms
9ms Document
text/html 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-f9f47b0137ff304f8efc2960ac8ec744.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4acc4bd3ac7f5868247e30c34cd38179f96181aeef4cc92616842629dcd449c9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.shatterproof.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1845
cache-control: max-age=31536000
content-length: 820
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 20:51:20 GMT
etag: "f9f47b0137ff304f8efc2960ac8ec744"
last-modified: Thu, 05 Jan 2023 20:35:57 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-id: 5HhpMbZ7Lmczze9qtf8ty-Goomp8ur6GKrMWEwQ59eNomIq-nuFeDw==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 419ms
419ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 245ms
245ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 log Show response
play.google.com/ Frame 3244 131 B
671 B 65ms
42ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 21:22:05 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 1B0B 0
570 B 298ms
297ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1B0B 0
570 B 297ms
296ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-b7a6587fe63dc9eff336a5a49ba29dfe.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1B0B 294 KB
66 KB 13ms
12ms Script
text/javascript 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-f9f47b0137ff304f8efc2960ac8ec744.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

54cd41fcf2c58ceed967bfccbe2c8704e0b817159a328e2f521642522542136d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-f9f47b0137ff304f8efc2960ac8ec744.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 20:37:34 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-amz-cf-pop: FRA56-P6
age: 2672
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Thu, 05 Jan 2023 20:36:07 GMT
server: Cloudfront
etag: W/"1365a5360c06f86922e64126b691ed04"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: YlNCTXWxdwO0qv-ZAu4m_WCK6oIxeigyHWAy1k6Q2JP9fF4k41Up7A==

GET
H2 200 ui-shared-a42255bedb129b1f121619629d8ce51c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1B0B 237 KB
71 KB 10ms
10ms Script
text/javascript 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-a42255bedb129b1f121619629d8ce51c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-f9f47b0137ff304f8efc2960ac8ec744.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c4d22eed230e42af5dfe752033e1859db39eeb11c0850dd82b4ed9309be1422b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-f9f47b0137ff304f8efc2960ac8ec744.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 20:37:48 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: FRA56-P6
age: 2658
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
last-modified: Thu, 05 Jan 2023 20:36:07 GMT
server: Cloudfront
etag: W/"e814a556b05c27c6cc9d64fc80efcae0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: pfAXp9rilsFIi1uJ0ShAriqXw4qnFTPBQIxHIV3zzIoFW-HZTZu5Rg==

GET
H2 200 elements-inner-payment-request-01cca2d8306489213afedd2fea6b31e1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1B0B 46 KB
14 KB 10ms
10ms Script
text/javascript 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-01cca2d8306489213afedd2fea6b31e1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-f9f47b0137ff304f8efc2960ac8ec744.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3511a8ddf8193cfc6b052e5d92134ec5421d1520029fa62db1531a34e6b646c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-f9f47b0137ff304f8efc2960ac8ec744.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 20:35:22 GMT
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2882
x-cache: Hit from cloudfront
last-modified: Wed, 04 Jan 2023 23:32:26 GMT
server: Cloudfront
etag: W/"6c38a61c7a7ab19b6dbc6b9285fe3d96"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5BnL9fqMA7EFKje8ZTau1sOud-XeP7o40OEY-Zg9hcvIVE6pdpMxVQ==

GET
H2 200 ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css
js.stripe.com/v3/fingerprinted/css/ Frame 1B0B 19 KB
3 KB 9ms
9ms Stylesheet
text/css 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-f9f47b0137ff304f8efc2960ac8ec744.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0c5081ecc9f9ecdf2c760f97886c380097c444ecd4676884ff3c67bfbc0ec6a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-f9f47b0137ff304f8efc2960ac8ec744.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 21:19:58 GMT
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 150
x-cache: Hit from cloudfront
last-modified: Thu, 08 Dec 2022 20:57:41 GMT
server: Cloudfront
etag: W/"946f1f202e973574c4704321cd043858"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: dPIp_MIgZZIRWWA-gBJd00htLIDh7AQKZwlHIld2QzaTzt5Gku4jxA==

GET
H2 200 elements-inner-payment-request-792cc861fcd5018b1fd8bea329c01a03.css
js.stripe.com/v3/fingerprinted/css/ Frame 1B0B 9 KB
2 KB 10ms
9ms Stylesheet
text/css 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-792cc861fcd5018b1fd8bea329c01a03.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-f9f47b0137ff304f8efc2960ac8ec744.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-81.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d90bb2550a25688b6cb75a06f5c0529a645c501ba7cc9c25a8693c111398e221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-f9f47b0137ff304f8efc2960ac8ec744.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 20:35:22 GMT
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 2882
x-cache: Hit from cloudfront
last-modified: Wed, 04 Jan 2023 23:32:18 GMT
server: Cloudfront
etag: W/"cf8b463e6d1bb3394cef5796e5aa2c86"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ExZ_FrnaNvjsiZbZ_6pkc_3ukk8ga5-1kkHnUUVzgGp3iyKVuAwHNQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 1B0B 474 B
863 B 16ms
16ms Fetch
application/json 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-81.fra56.r.cloudfront.net
Software: Cloudfront /
Resource Hash: ef8dc2a4877410a429b2c9a84de199ed2ff4581dde063c740e7d28ca887ddb7c

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-f9f47b0137ff304f8efc2960ac8ec744.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Jan 2023 21:22:00 GMT
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 21:04:43 GMT
server: Cloudfront
x-amz-cf-pop: FRA56-P6
age: 6
etag: "afadb66f80bf77ee8d89283b8994f468"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: rKfjQth7Pyx8IztvH69W6k78FE1G9ltgdTz6fGNCUFC2rQkI0kDH9Q==

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 327ms
326ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 325ms
324ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 324ms
324ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:05 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=113794056660136&ev=Microdata&dl=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&rl=&if=false&ts=1672953725695&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20to%20Shatterproof%20%7C%20Shatterproof%20-%20Reversing%20the%20Addiction%20Crisis%20in%20the%20U.S.%22%2C%22meta%3Adescription%22%3A%22Shatterproof%20is%20a%20national%20nonprofit%20organization%20dedicated%20to%20transforming%20addiction%20treatment%2C%20ending%20stigma%2C%20and%20supporting%20communities.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%221%20in%2010%20Americans%20report%20having%20resolved%20a%20substance%20use%20disorder%20in%20their%20lifetime.%20%22%2C%22og%3Adescription%22%3A%22The%20overdose%20epidemic%20is%20making%20headlines%2C%20but%20what%20about%20all%20of%20those%20who%20are%20entering%20recovery%3F%20This%20month%2C%20we%E2%80%99re%20celebrating%20everyone%20who%20has%20taken%20the%20first%20step%20to%20begin%20their%20recovery%20journey.%20Give%20a%20gift%20today%20to%20celebrate%20those%20in%20recovery%20and%20help%20thousands%20who%20are%20still%20living%20with%20addiction.%20%5Cn%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Facb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com%2F10089%2FEN_Guy%2BOpening%2BCurtain.jpg%3Fv%3D1651862172000%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Flocale%3Den-US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.91&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1672953724911.1818126724&it=1672953724161&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 21:22:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame CD93 54 KB
17 KB 7ms
7ms Document
text/html 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.shatterproof.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Thu, 05 Jan 2023 21:22:05 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6271663d-d994"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 50b39f10d2761
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 935084, 199073
x-content-type-options: nosniff
x-served-by: cache-sjc10023-SJC, cache-hhn-etou8220078-HHN
x-timer: S1672953726.711990,VS0,VE0

GET
H2 200 ts
t.paypal.com/ 42 B
160 B 209ms
209ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ABJJEGWVMNKXCA-1&page=muse%3Aoffer%3A%3A%3ABJJEGWVMNKXCA-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=ad05f3ef-ad4d-45ca-a3a9-c55188f00c09&es=visitorInfoFlowStarted&mrid=BJJEGWVMNKXCA&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donate%20to%20Shatterproof%20%7C%20Shatterproof%20-%20Reversing%20the%20Addiction%20Crisis%20in%20the%20U.S.&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1672953725766&g=0&completeurl=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 05 Jan 2023 21:22:05 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 2acca6384dd01
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn-etou8220052-HHN
pragma: no-cache
traceparent: 00-00000000000000000002acca6384dd01-8d6748de7cc769d7-01
x-timer: S1672953726.765361,VS0,VE202
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 21:22:05 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame CD93 434 B
2 KB 250ms
250ms Fetch
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35D9) /

Resource Hash

db99fb79e44a8ff8f7baa37c65e617b6016292e9abb4cf219907e59254b3ca08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-UvMnQ3/0pvUziahcf0NAHVm8SO4JhM2bDRpui6kKz8TenQYJ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-UvMnQ3/0pvUziahcf0NAHVm8SO4JhM2bDRpui6kKz8TenQYJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
date: Thu, 05 Jan 2023 21:22:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 07b5114439796
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 290
x-xss-protection: 1; mode=block
server: ECAcc (lhd/35D9)
traceparent: 00-000000000000000000007b5114439796-b87db4655ba4f7e0-01
etag: W/"1b2-o326xGh3W99JFEgoXOPgvh05Cq4"
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 187ms
185ms Preflight 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/359B) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 05 Jan 2023 21:22:05 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: 0ba4345161646
server: ECAcc (lhd/359B)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000ba4345161646-2cd824e49b027d2c-01
vary: Origin, Access-Control-Request-Headers

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame B2E4 304 KB
90 KB 9ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRnSmV4OERnNU1qdGwwOENld2FMdFRCcmR0N0V4UjduMHhZMjFsWUhpSVBiT20ySjVKWmVXcnlGbUd6RndCaWpmdE9LSWNHcFFfZkYzcU8mZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0JmVuYWJsZS1mdW5kaW5nPXZlbm1vJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2pwbG5hZWx0eGRycnp6d2lzaWxkYmp6endxeGRwbiJ9fQ&clientID=AdgJex8Dg5Mjtl08CewaLtTBrdt7ExR7n0xY21lYHiIPbOm2J5JZeWryFmGzFwBijftOKIcGpQ_fF3qO&sdkCorrelationID=03a72a4a095b3&storageID=uid_860d7bbf07_mje6mji6mdu&sessionID=uid_f3cb23386a_mje6mji6mdu&buttonSessionID=uid_f0af9fdb08_mje6mji6mdu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCA) /

Resource Hash

e22ade9eadba98e54c8c8d2dec56b3af9a1f99b4a489f554a57f15224a620a17

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-om218+hg7ms2n/sFI9FtZkFX9K9IGEqDAp2A8VmHOBrdfkBB' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-om218+hg7ms2n/sFI9FtZkFX9K9IGEqDAp2A8VmHOBrdfkBB' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRnSmV4OERnNU1qdGwwOENld2FMdFRCcmR0N0V4UjduMHhZMjFsWUhpSVBiT20ySjVKWmVXcnlGbUd6RndCaWpmdE9LSWNHcFFfZkYzcU8mZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0JmVuYWJsZS1mdW5kaW5nPXZlbm1vJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2pwbG5hZWx0eGRycnp6d2lzaWxkYmp6endxeGRwbiJ9fQ&clientID=AdgJex8Dg5Mjtl08CewaLtTBrdt7ExR7n0xY21lYHiIPbOm2J5JZeWryFmGzFwBijftOKIcGpQ_fF3qO&sdkCorrelationID=03a72a4a095b3&storageID=uid_860d7bbf07_mje6mji6mdu&sessionID=uid_f3cb23386a_mje6mji6mdu&buttonSessionID=uid_f0af9fdb08_mje6mji6mdu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-om218+hg7ms2n/sFI9FtZkFX9K9IGEqDAp2A8VmHOBrdfkBB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-om218+hg7ms2n/sFI9FtZkFX9K9IGEqDAp2A8VmHOBrdfkBB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 21:22:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1
x-cache: HIT
p3p: true
paypal-debug-id: 014a896111473
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 90977
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Jan 2023 21:22:05 GMT
server: ECAcc (frc/4CCA)
traceparent: 00-0000000000000000000014a896111473-0c3d54ec04549217-01
etag: W/"16361-okF2p53LHPvJNUrVd88hCy1KoJ0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame B2E4 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame B2E4 58 KB
20 KB 60ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF6) /

Resource Hash

def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 89659
x-cache: HIT
paypal-debug-id: 5fff6b0e53f6d
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20336
last-modified: Tue, 20 Dec 2022 17:16:51 GMT
server: ECAcc (frc/4CF6)
traceparent: 00-00000000000000000005fff6b0e53f6d-0a51215fd8102c01-01
etag: "63a1ee03-e9eb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Jan 2023 21:22:06 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame B2E4 1016 B
2 KB 183ms
181ms Ping
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/359C) /

Resource Hash

3ccff07ac4e81ee88cf70dac411c5aa3c2f68fb291019d5e164ede185cbfc822

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRnSmV4OERnNU1qdGwwOENld2FMdFRCcmR0N0V4UjduMHhZMjFsWUhpSVBiT20ySjVKWmVXcnlGbUd6RndCaWpmdE9LSWNHcFFfZkYzcU8mZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0JmVuYWJsZS1mdW5kaW5nPXZlbm1vJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2pwbG5hZWx0eGRycnp6d2lzaWxkYmp6endxeGRwbiJ9fQ&clientID=AdgJex8Dg5Mjtl08CewaLtTBrdt7ExR7n0xY21lYHiIPbOm2J5JZeWryFmGzFwBijftOKIcGpQ_fF3qO&sdkCorrelationID=03a72a4a095b3&storageID=uid_860d7bbf07_mje6mji6mdu&sessionID=uid_f3cb23386a_mje6mji6mdu&buttonSessionID=uid_f0af9fdb08_mje6mji6mdu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 21:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 086801a9a7703
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 612
server: ECAcc (lhd/359C)
traceparent: 00-0000000000000000000086801a9a7703-a89361f03961f997-01
etag: W/"3f8-IEKoVNiWe1V/M5zNjSKPK9IncAc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 8B41 160 B
1 KB 212ms
212ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35E2) /

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: dea6415d2da50
date: Thu, 05 Jan 2023 21:22:06 GMT
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: dea6415d2da50
server: ECAcc (lhd/35E2)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000dea6415d2da50-9a90a4ec836e4358-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame A9B6
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_f3cb23386a_mje6mji6mdu&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f3cb23386a_mje6mji6mdu&s=SMART_PAYMENT_BUTTONS

42 B
299 B

113ms
32ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f3cb23386a_mje6mji6mdu&s=SMART_PAYMENT_BUTTONS
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 21:22:07 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f3cb23386a_mje6mji6mdu&s=SMART_PAYMENT_BUTTONS
Date: Thu, 05 Jan 2023 21:22:07 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 8B41 58 KB
20 KB 8ms
7ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 21:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 89660
x-cache: HIT
paypal-debug-id: 5fff6b0e53f6d
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20336
last-modified: Tue, 20 Dec 2022 17:16:51 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-00000000000000000005fff6b0e53f6d-0a51215fd8102c01-01
etag: "63a1ee03-e9eb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Jan 2023 21:22:07 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame E164 0
127 B 182ms
182ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b7a6587fe63dc9eff336a5a49ba29dfe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 05 Jan 2023 21:22:07 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 8B41 125 B
780 B 195ms
195ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35D6) /

Resource Hash

461c6e3672351e1bf582d4fe86b1b4732c41e15bf65850e2850890083d46a5ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 21:22:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 3a73017424bd
server: ECAcc (lhd/35D6)
traceparent: 00-000000000000000000003a73017424bd-9ee0a3baa676974a-01
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 3a73017424bd
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 125

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 8B41 0
97 B 186ms
186ms XHR
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35E6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 21:22:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 3412095b4b2c7
server: ECAcc (lhd/35E6)
traceparent: 00-00000000000000000003412095b4b2c7-db830cb1de268a28-01
paypal-debug-id: 3412095b4b2c7
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 8B41 0
374 B 274ms
201ms Image
text/plain 2a04:4e42:400::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_f3cb23386a_mje6mji6mdu&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220082-HHN
date: Thu, 05 Jan 2023 21:22:07 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 7ac2a7edc00c8
via: 1.1 varnish
traceparent: 00-00000000000000000007ac2a7edc00c8-ca5c3da7c0a56694-01
x-timer: S1672953727.110284,VS0,VE194
x-cache: MISS
paypal-debug-id: 7ac2a7edc00c8
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
23ms Image
image/gif 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1838688983&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&ul=en-us&de=UTF-8&dt=Donate%20to%20Shatterproof%20%7C%20Shatterproof%20-%20Reversing%20the%20Addiction%20Crisis%20in%20the%20U.S.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&el=25&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1551151615.1672953724&tid=UA-37548047-3&_gid=748929414.1672953724&gtm=2wg120TWDK4TG&z=1510789862

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 10:42:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38367
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
24ms Image
image/gif 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1838688983&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&ul=en-us&de=UTF-8&dt=Donate%20to%20Shatterproof%20%7C%20Shatterproof%20-%20Reversing%20the%20Addiction%20Crisis%20in%20the%20U.S.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1551151615.1672953724&tid=UA-37548047-3&_gid=748929414.1672953724&gtm=2wg120TWDK4TG&z=98867555

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 10:42:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38367
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
24ms Image
image/gif 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1838688983&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&ul=en-us&de=UTF-8&dt=Donate%20to%20Shatterproof%20%7C%20Shatterproof%20-%20Reversing%20the%20Addiction%20Crisis%20in%20the%20U.S.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&el=50&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1551151615.1672953724&tid=UA-37548047-3&_gid=748929414.1672953724&gtm=2wg120TWDK4TG&z=1847822936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 10:42:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38367
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
24ms Image
image/gif 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1838688983&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&ul=en-us&de=UTF-8&dt=Donate%20to%20Shatterproof%20%7C%20Shatterproof%20-%20Reversing%20the%20Addiction%20Crisis%20in%20the%20U.S.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=50%25&el=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1551151615.1672953724&tid=UA-37548047-3&_gid=748929414.1672953724&gtm=2wg120TWDK4TG&z=887822573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.shatterproof.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 10:42:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38367
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame B2E4 1013 B
1 KB 189ms
187ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35A1) /

Resource Hash

c83674a165747c5e97f2754cb845afd8df193ec7ab0eae06677ccf535873f349

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWRnSmV4OERnNU1qdGwwOENld2FMdFRCcmR0N0V4UjduMHhZMjFsWUhpSVBiT20ySjVKWmVXcnlGbUd6RndCaWpmdE9LSWNHcFFfZkYzcU8mZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0JmVuYWJsZS1mdW5kaW5nPXZlbm1vJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2pwbG5hZWx0eGRycnp6d2lzaWxkYmp6endxeGRwbiJ9fQ&clientID=AdgJex8Dg5Mjtl08CewaLtTBrdt7ExR7n0xY21lYHiIPbOm2J5JZeWryFmGzFwBijftOKIcGpQ_fF3qO&sdkCorrelationID=03a72a4a095b3&storageID=uid_860d7bbf07_mje6mji6mdu&sessionID=uid_f3cb23386a_mje6mji6mdu&buttonSessionID=uid_f0af9fdb08_mje6mji6mdu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 21:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 06aa118884620
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 605
server: ECAcc (lhd/35A1)
traceparent: 00-000000000000000000006aa118884620-a92c7d8914d955ab-01
etag: W/"3f5-EzexcMwnZaubgCAiJtY9hXS37Co"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1004 B
1 KB 464ms
463ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/3593) /

Resource Hash

e66f84ddde72335df97c3f1daf2175fd89d69ef107e58775cf039e66bccc754c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://donate.shatterproof.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Jan 2023 21:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 00a16a7a0651a
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 598
server: ECAcc (lhd/3593)
traceparent: 00-000000000000000000000a16a7a0651a-57dbb5282844f5aa-01
etag: W/"3ec-bfDSLWcZLCoWAJyvvW4fqRuErxk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://donate.shatterproof.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 196ms
194ms Preflight 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35E6) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://donate.shatterproof.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://donate.shatterproof.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 05 Jan 2023 21:22:07 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: 0aa90b88b2022
server: ECAcc (lhd/35E6)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000aa90b88b2022-57aa5fb363bb002d-01
x-content-type-options: nosniff

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 34ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LCP7PTS89G&gtm=2oe120&_p=1838688983&cid=1551151615.1672953724&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&sid=1672953724&sct=1&seg=0&dl=https%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1%3Futm_source%3DNon-Donor%26ea.tracking.id%3D22EOY-em17-thankyou%26ea.campaigner.email%3DK8rzGc%252Bz%252FlySKIZqtJvehaeeM77yxbyr79T%252BgEUJXTY%253D%26URL%3Dhttps%3A%2F%2Fdonate.shatterproof.org%2Fpage%2F45836%2Fdonate%2F1&dt=Donate%20to%20Shatterproof%20%7C%20Shatterproof%20-%20Reversing%20the%20Addiction%20Crisis%20in%20the%20U.S.&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCP7PTS89G&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://donate.shatterproof.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 21:22:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.shatterproof.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shatterproof.org/page	1970-01-20 08:42:37	Name: en_sessionId Value: eb8ef0b466ed41e59b6b84590d4050ab-use2-prd-web4
donate.shatterproof.org/page	1969-12-31 23:59:59	Name: JSESSIONID Value: uU_Ysc-IVcPuEnQviqfIgCmQtrOwrFgK52-1pGiY.use2-prd-web4
.shatterproof.org/	1970-01-20 10:52:09	Name: _gcl_au Value: 1.1.1839556770.1672953724
.shatterproof.org/	1970-01-20 18:18:33	Name: _ga Value: GA1.2.1551151615.1672953724
.shatterproof.org/	1970-01-20 08:44:00	Name: _gid Value: GA1.2.748929414.1672953724
.shatterproof.org/	1970-01-20 08:42:33	Name: _gat_UA-37548047-3 Value: 1
.twitter.com/	1970-01-20 18:18:33	Name: personalization_id Value: "v1_4SxR3YyABJAXI4rTF+ggAw=="
.t.co/	1970-01-20 18:18:33	Name: muc_ads Value: 3a24bd01-e641-451a-9794-5f3b3b3d5521
donate.shatterproof.org/	1970-01-20 08:52:38	Name: AWSALB Value: GmYiRWTN4TN0yelIT0VbA4+zaAGVVAf5Q8I4IFSz2gBikRQoN0zzOpxLcqBw7BcJIWpdTpOvi+wx7pr71sqzON9hGgDZfUfqFboOpTl1HrTkAz26yPnE/5yp7jw3
donate.shatterproof.org/	1970-01-20 08:52:38	Name: AWSALBCORS Value: GmYiRWTN4TN0yelIT0VbA4+zaAGVVAf5Q8I4IFSz2gBikRQoN0zzOpxLcqBw7BcJIWpdTpOvi+wx7pr71sqzON9hGgDZfUfqFboOpTl1HrTkAz26yPnE/5yp7jw3
.shatterproof.org/	1970-01-20 10:52:09	Name: _fbp Value: fb.1.1672953724911.1818126724
.shatterproof.org/	1970-01-20 17:28:09	Name: _hjSessionUser_1838095 Value: eyJpZCI6IjIyZmEzMDI4LThmOWMtNTZkZC04YjY2LTNhMzc3OGM3Y2MyMSIsImNyZWF0ZWQiOjE2NzI5NTM3MjQzMDUsImV4aXN0aW5nIjpmYWxzZX0=
.shatterproof.org/	1970-01-20 08:42:35	Name: _hjFirstSeen Value: 1
donate.shatterproof.org/	1970-01-20 08:42:33	Name: _hjIncludedInSessionSample Value: 0
.shatterproof.org/	1970-01-20 08:42:35	Name: _hjSession_1838095 Value: eyJpZCI6IjI4Y2ZkZTkxLWU2ZDQtNDVjMy1hODM4LTFkNDJkOWYwMzA2NCIsImNyZWF0ZWQiOjE2NzI5NTM3MjQ5NDIsImluU2FtcGxlIjpmYWxzZX0=
donate.shatterproof.org/	1970-01-20 08:42:33	Name: _hjIncludedInPageviewSample Value: 1
.shatterproof.org/	1970-01-20 08:42:35	Name: _hjAbsoluteSessionInProgress Value: 0
.google.com/	1970-01-20 13:06:04	Name: NID Value: 511=cv2XZhevOuN63FL3cmqZtShztTCi4Sw7uk9TNDha7Pmh7rEEmv_EkSUKP4BdMqpyIeLsCsCqaL8JC8pVSmSos2s2IVjO7wcKIEbNkEVnlC6zzOlzVIzBUbPYrEfB4gefFVi-jmbGz8d19b8ncSIhkYNvpBWwQlhmaKDTpAGTWDI
.paypal.com/	1970-01-20 08:42:35	Name: l7_az Value: dcg13.slc
.paypal.com/	1970-01-20 18:18:33	Name: ts_c Value: vr%3D83d000061850a1d50d6587d8fb656775%26vt%3D83d000061850a1d50d6587d8fb656774
m.stripe.com/	1970-01-20 18:18:33	Name: m Value: a0114730-3d1d-42fd-84a4-c19f0aa8265c978dac
.donate.shatterproof.org/	1970-01-20 17:28:09	Name: __stripe_mid Value: c4d74ff2-69d5-4f53-a5a1-078d6218b888590c69
.donate.shatterproof.org/	1970-01-20 08:42:35	Name: __stripe_sid Value: 7119ee5b-521f-4bff-a039-84a9e2b9a286efe6a9
.paypal.com/	1970-01-20 17:28:09	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 08:43:05	Name: LANG Value: de_DE%3BDE
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AENT6t2lxIZ93uZ4pj7nue5_cz6MXPJbX.V03IKX2oaxgxkkO7tJz0YNqbp7J5d20tHzEpcqSsUTc
.paypalobjects.com/	1970-01-20 08:44:00	Name: paypal-offers--cust Value: null:null:null
.paypal.com/	1970-01-20 08:46:52	Name: tsrce Value: loggernodeweb
.shatterproof.org/	1970-01-20 18:18:33	Name: _ga_LCP7PTS89G Value: GS1.1.1672953724.1.0.1672953727.57.0.0
.c.paypal.com/	1970-01-20 18:18:33	Name: sc_f Value: LTdXTx1wcV_lWG-pUBfOVqmjKeKlMEpRQukpjLngPY2-hPAVbTrZNeC-GMFX4DEPfg3d4PifxVH3x4q8pEHnmUGl-yKNgcf6haRFGW
.paypal.com/	1970-01-20 18:18:33	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: 4i8cGphpG9XFJaul3ZvWuLUcOsWXhRM_fgVnXxcn5AxnKVgTay7U6vqu-66uRsH3ytXm7qdTLggIQ7Bi
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY3Mjk1MzcyNzE4NSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 18:18:33	Name: ts Value: vreXpYrS%3D1767648127%26vteXpYrS%3D1672955527%26vr%3D83d000061850a1d50d6587d8fb656775%26vt%3D83d000061850a1d50d6587d8fb656774%26vtyp%3Dnew

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=15552000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
analytics.twitter.com
apps.4sitestudios.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.plaid.com
click.email.shatterproof.org
connect.facebook.net
donate.shatterproof.org
doublethedonation.com
dub.stats.paypal.com
in.hotjar.com
js.stripe.com
m.stripe.com
m.stripe.network
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
region1.analytics.google.com
script.hotjar.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
t.paypal.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
104.244.42.195
104.244.42.5
108.138.7.81
13.111.18.12
151.101.1.35
151.101.2.133
18.66.15.82
192.229.221.25
199.232.16.157
2.18.233.206
2001:4860:4802:34::36
23.96.109.67
2600:9000:223e:ce00:19:7d10:bd80:93a1
2606:4700::6812:1084
2a00:1450:4001:803::200e
2a00:1450:400c:c07::5c
2a00:1450:400d:803::2003
2a00:1450:400d:806::2004
2a00:1450:400d:80c::2003
2a00:1450:400d:80d::2008
2a00:1450:400d:80d::200e
2a00:1450:4025:401::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::291
34.195.130.113
54.187.119.242
54.187.159.182
54.187.232.234
54.78.116.173
64.4.245.84
65.9.66.101
65.9.66.91
99.86.4.91
0c5081ecc9f9ecdf2c760f97886c380097c444ecd4676884ff3c67bfbc0ec6a3
0f98d8c43b740b592595e0c21098a62187049498f6b304cb423fb24dcec4c835
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
284566894edf74d4218651b8deba4618d26f57b1f075a6d11831554e5a32d16a
2ef5374a08b93b61f28bad4341b68aef695272f63a708f77234509994139fc2b
30700269f140fbe469badd761cedb051d77f95895b4d7381c6d305043b92aad8
3366ae6ec68dc45af16577c69c450c206445cc4fe269ce3501b87c3cddc051c5
3511a8ddf8193cfc6b052e5d92134ec5421d1520029fa62db1531a34e6b646c5
3ccff07ac4e81ee88cf70dac411c5aa3c2f68fb291019d5e164ede185cbfc822
3fef45dde6feffaea476a17513892c8a5c179a90c4df67e3c5685da68f19ab83
461c6e3672351e1bf582d4fe86b1b4732c41e15bf65850e2850890083d46a5ed
46560761ac120ebbf9a1a1ca68ce1d7120c25ef1a3cae8a1d122656ca7268d7e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4acc4bd3ac7f5868247e30c34cd38179f96181aeef4cc92616842629dcd449c9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51e4b766a3e61185a115ecb5116ebd2bd21e5f31f23a3aece42a0b8efc32ec43
54cd41fcf2c58ceed967bfccbe2c8704e0b817159a328e2f521642522542136d
558ca78c0b9a3f4fa2ffcea24b30432c4723b363930cdc7b84c3b503184f8950
55e882b39c09c243b18cee29c0de7767ade5c6fd160dc5610e402ee66888a338
560c84329bfb0e89f1bcac58ea5d100297fa46fea69229ca66c62a8066d232f1
5b4cb861c0a96921bd708714737d480605c5328b0be8f182c8865ca12e8b694d
5fea16b87d30f0203ab59b04bd7fa8728007e9dff816ea113985887ed1284b46
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
664f99ac307aee38222e1213baa527ffef8fdcd0ab06520e5733802b5b4e23f6
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
729a7745f5e6c1e8cb537206c3e0d5430ace92ec3c63e6fe0e3e8a7449b08681
72b8cd2b3610e96095372247cb9006e05f9d8266a22b0fc9716c132969b4b319
791f63b3e64d32c66a3e3108403d64e3577826cb1e1f31a2e0b00892245d81e0
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5
82619e72ea24127d88a954ecc399c1fdcaba555050dbc8445e8aebe93269560d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833ff33a960f1d3b6a3fa614a4cecddbe373f455caced1d1a5a7ccaff59ca240
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89503e24dedcf15d007e9170a55be5fe332471da9272f1340a5589c76c4beaa2
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8bdbd136f32337863d6f54a918c6e0124b7af78a503c109711b6b4f28039126c
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9b137c618412b1987ab557737d18b2ae47b62f0837e484fa18c8eaff9aa1bd1c
a0658bad580f01029674c73756d13b09dfd074d171ecb205fa6d0365469f92f1
a2b3741f54b45562bbf1ea37d94c79d0a358ec96eb311cb069fb633294a3205c
a3164c6a1238073e973cf4b7d73c539736de5933498279bb75a501dce944ff96
a4122afc209635938c0a39a89e9aa3843d0c82139eebb98bcd6e201cb4371b13
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aaeee814de1a93fb11b64056f88a8cbf8705af722f59c330e970b46bd3130fa1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5eeeed7433a9972da142a874a7df409dbb6fc36885fc1bfa8b6aadb374d401d
b94eb502e26770c9d54de519d7225c016d31cf33584446e77dbaefae9d7dfb13
bad4817f7a43732724e27b898b457e4c5eb150c108359675b886daf603cc73e3
c09cb2eb74a80a217dab9d843e4c21ad4255cb4d394891a01d60364a22c00030
c4d22eed230e42af5dfe752033e1859db39eeb11c0850dd82b4ed9309be1422b
c83674a165747c5e97f2754cb845afd8df193ec7ab0eae06677ccf535873f349
c938ae1915ded12935a495124582831423abc198c3005f6433f309e1c5bfc4b8
ca76fa7d6560d92382a2a04e2c0c3d0bcc035141ffb115de6b6a6441c008b33f
cba8862bc0eeff77ab390c0669021b95055e809f226aa0e7dc438d79e3ad399f
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d53ef05d3988c43ace3004d6f9167cce321dc86598eeee0f328192b7145ca9a9
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d795b9d0bcf61da39c36e3a8294e9c67940a5ac7c7b173bc1ee23a538383a0ab
d90bb2550a25688b6cb75a06f5c0529a645c501ba7cc9c25a8693c111398e221
db99fb79e44a8ff8f7baa37c65e617b6016292e9abb4cf219907e59254b3ca08
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6
e22ade9eadba98e54c8c8d2dec56b3af9a1f99b4a489f554a57f15224a620a17
e32865f477d26c0d291c4e95cf15e60c281cbb59fbe29f56b022f4847eb978c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66f84ddde72335df97c3f1daf2175fd89d69ef107e58775cf039e66bccc754c
e9d4c5d0666527da083327f26fb2fa36485f794de264e75be5ef48eece9aa91f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8dc2a4877410a429b2c9a84de199ed2ff4581dde063c740e7d28ca887ddb7c
efec8346d9ccae4738cfc4434a2ee2e6937716eecbabd9481bd768fc1cd8bbd2
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fd360a87d7ade83d735b87cbcbcbf132728c06704a05cee46e73ecd411f62edb

donate.shatterproof.org Open in urlscan Pro 2606:4700::6812:1084 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

147 Requests

99 %HTTPS

41 %IPv6

21 Domains

36 Subdomains

34 IPs

6 Countries

2627 kBTransfer

8806 kBSize

33 Cookies

1 Outgoing links

Page URL History

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

donate.shatterproof.org Open in urlscan Pro
2606:4700::6812:1084 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

99 %
HTTPS

41 %
IPv6

21
Domains

36
Subdomains

34
IPs

6
Countries

2627 kB
Transfer

8806 kB
Size

33
Cookies

147 HTTP transactions
3 data transactions