hopeforukraine.net Open in urlscan Pro
151.101.130.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r20.rs6.net/tn.jsp?f=001j7XJ6bYNJQ0BReUlOPmoSZc-CVDFzqzDioYicAUDK4ASWjKwZKmaJmixpZHc_5FuFr8vM2tiWA71Ooc2HUUn...
Effective URL:
https://hopeforukraine.net/
Submission: On November 08 via manual (November 8th 2023, 8:40:07 am UTC) from IN — Scanned from DE

Summary HTTP 227 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 23 domains to perform 227 HTTP transactions. The main IP is 151.101.130.159, located in United States and belongs to FASTLY, US. The main domain is hopeforukraine.net.
TLS certificate: Issued by R3 on October 10th 2023. Valid for: 3 months.

This is the only time hopeforukraine.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
50	151.101.130.159 151.101.130.159	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:5600:17:a0f4:8900:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f082:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f08... 2a03:2880:f082:108:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	2606:4700::68... 2606:4700::6812:c55f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:215... 2600:9000:2156:7800:17:a0f4:8900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
18	2606:4700::68... 2606:4700::6812:7c49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
5	2600:9000:225... 2600:9000:2250:a200:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.61 13.32.121.61	16509 (AMAZON-02) (AMAZON-02)
21	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
40	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:b200:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	18.236.9.94 18.236.9.94	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:400c:c0c::5c	15169 (GOOGLE) (GOOGLE)
1	52.49.17.168 52.49.17.168	16509 (AMAZON-02) (AMAZON-02)
24	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
227	29

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 151.101.130.159 (United States)

ASN54113 (FASTLY, US)

hopeforukraine.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:5600:17:a0f4:8900:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.alliai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f082:9:face:b00c:0:3 (Chicago, United States)

ASN32934 (FACEBOOK, US)

scontent-ord5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f082:108:face:b00c:0:3 (Chicago, United States)

ASN32934 (FACEBOOK, US)

scontent-ord5-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:c55f (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:7800:17:a0f4:8900:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2azal32wgllwk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6812:7c49 (United States)

ASN13335 (CLOUDFLARENET, US)

donate.hfu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

files.doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2250:a200:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-61.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:b200:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.236.9.94 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-236-9-94.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400c:c0c::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.17.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-17-168.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 m.stripe.com — Cisco Umbrella Rank: 1249 r.stripe.com — Cisco Umbrella Rank: 3546 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5203	1013 KB
50	hopeforukraine.net hopeforukraine.net	3 MB
33	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 pay.google.com — Cisco Umbrella Rank: 2685 play.google.com — Cisco Umbrella Rank: 28	841 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com	528 KB
15	hfu.org donate.hfu.org	56 KB
15	classy.org sdk.classy.org — Cisco Umbrella Rank: 45548 prod-frs.content.classy.org — Cisco Umbrella Rank: 48327 pay.classy.org — Cisco Umbrella Rank: 52580	1 MB
5	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 5366	141 KB
3	doublethedonation.com files.doublethedonation.com — Cisco Umbrella Rank: 66723	133 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	121 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	cloudfront.net d2azal32wgllwk.cloudfront.net
2	fbcdn.net scontent-ord5-1.xx.fbcdn.net — Cisco Umbrella Rank: 3583 scontent-ord5-2.xx.fbcdn.net — Cisco Umbrella Rank: 3342	141 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	153 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	31 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14270	43 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 903	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 31447	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6862	409 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	257 B
1	alliai.com static.alliai.com — Cisco Umbrella Rank: 134821	15 KB
1	rs6.net 1 redirects r20.rs6.net — Cisco Umbrella Rank: 7400	345 B
227	23

	Domain	Requested by
50	hopeforukraine.net	hopeforukraine.net
28	r.stripe.com	js.stripe.com
24	play.google.com	www.gstatic.com
21	js.stripe.com	cdn.transcend.io js.stripe.com
15	donate.hfu.org	sdk.classy.org donate.hfu.org cdn.transcend.io
13	prod-frs.content.classy.org	donate.hfu.org cdn.transcend.io prod-frs.content.classy.org
12	q.stripe.com	hopeforukraine.net
10	fonts.gstatic.com	fonts.googleapis.com
8	www.gstatic.com	pay.google.com www.gstatic.com
8	pay.google.com	js.stripe.com pay.google.com hopeforukraine.net www.gstatic.com
5	cdn.transcend.io	donate.hfu.org cdn.transcend.io
4	m.stripe.com	m.stripe.network
3	files.doublethedonation.com	donate.hfu.org files.doublethedonation.com cdn.transcend.io
3	www.youtube.com	hopeforukraine.net cdn.transcend.io
2	m.stripe.network	js.stripe.com m.stripe.network
2	d2azal32wgllwk.cloudfront.net	static.alliai.com
2	www.googletagmanager.com	hopeforukraine.net www.googletagmanager.com
2	fonts.googleapis.com	hopeforukraine.net cdn.transcend.io
1	merchant-ui-api.stripe.com	js.stripe.com
1	code.jquery.com	cdn.transcend.io
1	pay.classy.org	cdn.transcend.io
1	cdn.plaid.com	cdn.transcend.io
1	unpkg.com	cdn.transcend.io
1	htp.tokenex.com	cdn.transcend.io
1	static.cloudflareinsights.com	donate.hfu.org
1	www.google.de	hopeforukraine.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	sdk.classy.org	hopeforukraine.net
1	scontent-ord5-2.xx.fbcdn.net	hopeforukraine.net
1	scontent-ord5-1.xx.fbcdn.net	hopeforukraine.net
1	static.alliai.com	hopeforukraine.net
1	r20.rs6.net	1 redirects
227	33

This site contains links to these domains. Also see Links.

Domain
donate.hfu.org
donatestock.com
roundup.app
www.bonfire.com
www.youtube.com
newjersey.news12.com
pix11.com
www.njpbs.org
patch.com
www.newjerseyhills.com
www.nj.com
meest-online.com
s3-prod.crainsnewyork.com
video.foxnews.com
video.snapstream.net
www.facebook.com
facebook.com
twitter.com
www.linkedin.com
www.instagram.com
awards.classy.org
www.guidestar.org
www.charitynavigator.org
firespring.com

Subject Issuer	Validity	Valid
www.hopeforukraine.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
alliai.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-17` - `2023-11-15`	3 months	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
donate.hfu.org Cloudflare Inc ECC CA-3	`2023-05-10` - `2024-05-08`	a year	crt.sh
snie5b5gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-05-17`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2023-02-08` - `2024-01-12`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://hopeforukraine.net/
Frame ID: A5B7F0992CF90E510E68AF0EDDDDEBD7
Requests: 68 HTTP requests in this frame

Frame: https://donate.hfu.org/give/493707/
Frame ID: 17A0795DD7882E1C3EF723026E79FFEA
Requests: 55 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 5FE01880990C1187640660CDDFCFF8EC
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: EA2546749463502F2074E9579089D164
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
Frame ID: E9AE4471EBDE8B0158BA2C1E459C11CC
Requests: 35 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
Frame ID: 3812B16DE13E413A1F7AA9E1F04EDD39
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
Frame ID: B816AED3B96B480371B93621C51C9D09
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
Frame ID: 018F1B0CBB42087E2C23D7E629915ED6
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
Frame ID: 8816A7394AE5FD1CCDB969A3561807CF
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 2D3C2BFD8788C20CDED412FFDD4547CC
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 27F94DD24718C7A35FB420AF43075F67
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hope for Ukraine Charity | Ukraine Donation SiteComments Box SVG icons

Page URL History Show full URLs

https://r20.rs6.net/tn.jsp?f=001j7XJ6bYNJQ0BReUlOPmoSZc-CVDFzqzDioYicAUDK4ASWjKwZKmaJmixpZHc_5Fu... HTTP 302
https://hopeforukraine.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

227
Requests

100 %
HTTPS

72 %
IPv6

23
Domains

33
Subdomains

29
IPs

4
Countries

7528 kB
Transfer

20640 kB
Size

14
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://donate.hfu.org/give/486355/#!/donation/checkout
Title: Donate

Search URL Search Domain Scan URL

URL: https://donatestock.com/hope-for-ukraine-inc
Title: Donate Stock

Search URL Search Domain Scan URL

URL: https://roundup.app/p/HopeforUkraineInc
Title: RoundUp App

Search URL Search Domain Scan URL

URL: https://www.bonfire.com/store/hfu/
Title: Online Store

Search URL Search Domain Scan URL

URL: https://donate.hfu.org/campaign/2023eoy/c515929
Title: Donate Now

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=R6cLaeYS8eo
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/01/home_logo9.png" alt="NewsMax" />

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=ZLOWu8_hbUw&t=5s
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/01/home_logo12.png" alt="onnj on new jersey" />

Search URL Search Domain Scan URL

URL: https://newjersey.news12.com/new-jersey-s-generosity-on-full-display-by-amount-of-donations-made-to-help-ukraine?fbclid=IwAR0ytNJUBDHAORPhf6lIN6pPOBkjKhIaW8fVIlxkbUW1sRmyngh2dwkQgPg
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/01/home_logo11.png" alt="news12" />

Search URL Search Domain Scan URL

URL: https://pix11.com/news/local-news/new-jersey/group-organizes-donations-for-ukraine-from-new-jersey-storage-facility/amp/
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/01/home_logo13.png" alt="" />

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=A_y4FjOE0ok
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/06/6bffa82d-21ba-4e72-a3a6-8def7a2e3950.png" alt="" />

Search URL Search Domain Scan URL

URL: https://www.njpbs.org/programs/think-tank-with-steve-adubato/restoring-hope-ukraine-what-resources-are-still-needed-xzvj2/?fbclid=IwAR1hbUJM19HFZDcR-tJVMwh6G6l1UOBfewpN94_VB2Oad9luW6feQMYNkwg
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/05/NJ-PBS-e1685353208435.png" alt="" />

Search URL Search Domain Scan URL

URL: https://patch.com/new-jersey/westorange/hope-ukraine-nj-nonprofit-making-big-difference-refugees?fbclid=IwAR1g7X-gv7H_B65uh-uJRIBlsstwa8YriOKO_Gb2LmGhJwCr7BOw4-tHh5s
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/01/home_logo1.png" alt="patch" />

Search URL Search Domain Scan URL

URL: https://www.newjerseyhills.com/florham_park_eagle/news/hope-for-ukraine-group-gathers-supplies-support-in-florham-park/article_31dcb9a6-dbc3-5f8c-913d-bd5c2e988b3e.html
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/01/home_logo4.png" alt="florham park eagle" />

Search URL Search Domain Scan URL

URL: https://www.nj.com/news/2022/11/this-nj-non-profits-help-for-ukraine-began-long-before-the-war.html
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/01/home_logo2.png" alt="nj.com true jersey" />

Search URL Search Domain Scan URL

URL: https://meest-online.com/diaspora/usa-diaspora/hfu-vidpravyla-vzhe-16-j-kontejner/?fbclid=IwAR0e-uLfsLRd09hpBT0tiMYRIs7Khe07BWfLhVbu0F30-RdkmpQbh3dzEa4
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/01/home_logo5.png" alt="MICT online" />

Search URL Search Domain Scan URL

URL: https://s3-prod.crainsnewyork.com/2022-11/Pages_18.pdf?fbclid=IwAR3zarFDxnSY55gesr2cizH7YK6ql7Oh12RPrUb1PfudfFF8V_YEB8868kc
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/01/home_logo3.png" alt="crain's new york business" />

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=VCerImo3Y8Q
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/01/home_logo7.png" alt="abc 7" />

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=YhRkeG6x2GE&t=120s
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/01/home_logo6.png" alt="TBN" />

Search URL Search Domain Scan URL

URL: https://video.foxnews.com/v/6303974676001?playlist_id=5588264677001&fbclid=IwAR39JB7iNZESOWqCkGb9S-zLf2k5TAXwWc5JTSST7ecMhECPDnLtUzlScMs#sp=show-clips
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/01/home_logo8.png" alt="fox news" />

Search URL Search Domain Scan URL

URL: https://video.snapstream.net/Play/9IbDsDQDYS9vy9M3uXKsal?accessToken=tkuwnvrmgznr&fbclid=IwAR33D6X4dYJQHYM5bjMEsRbDE21CIfkRDzwIbnoYp6nlFRNxvwBME2miWac
Title: <img decoding="async" src="https://hopeforukraine.net/wp-content/uploads/2023/01/home_logo10.png" alt="CNN" />

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hope4ukraine
Title: View More on Facebook

Search URL Search Domain Scan URL

URL: https://facebook.com/756835201085500
Title: Hope For Ukraine

Search URL Search Domain Scan URL

URL: https://www.facebook.com/756835201085500/posts/725417706298746
Title: View on Facebook

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.facebook.com%2F756835201085500%2Fposts%2F725417706298746
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=https%3A%2F%2Fwww.facebook.com%2F756835201085500%2Fposts%2F725417706298746
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.facebook.com%2F756835201085500%2Fposts%2F725417706298746&title=%09HOPE%20BEGINS%20WITH%20A%20MEAL%20donate.hfu.org%2Fcampaign%2F2023eoy%2Fc515929%20%09%09
Title: Share on Linked In

Search URL Search Domain Scan URL

URL: https://facebook.com/609277522431404
Title: #HFU

Search URL Search Domain Scan URL

URL: https://facebook.com/244062339065606
Title: #hopeforukraine

Search URL Search Domain Scan URL

URL: https://facebook.com/169537056530693
Title: #Ukraine

Search URL Search Domain Scan URL

URL: https://www.facebook.com/725098179664032
Title: View on Facebook

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.facebook.com%2F725098179664032
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=https%3A%2F%2Fwww.facebook.com%2F725098179664032
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.facebook.com%2F725098179664032&title=%09Our%20volunteers%20delivered%20food%20and%20hygiene%20supplies%20to%20defenders%20on%20the%20frontline%20%23HFU%20%23hopeforukraine%20%23Ukraine%20hopeforukraine.net%20%09%09
Title: Share on Linked In

Search URL Search Domain Scan URL

URL: https://www.facebook.com/724581826382334
Title: View on Facebook

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.facebook.com%2F724581826382334
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=https%3A%2F%2Fwww.facebook.com%2F724581826382334
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.facebook.com%2F724581826382334&title=%09Our%20volunteers%20delivered%20food%20kits%20and%20hygiene%20products%20to%2050%20internally%20displaced%20families%20in%20Mykolayev%20region.%20Help%20us%20feed%20families%20in%20Ukraine%20by%20donating%20today%20donate.hfu.org%2Fcampaign%2F2023eoy%2Fc515929%20%23HFU%20%23hopeforukraine%20%23Ukraine%20%09%09
Title: Share on Linked In

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hope4ukraine/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hopeforukraine/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/hopeforukraine
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCS6Q5mtWt0-y0YYOb0AS9aQ
Title: Youtube

Search URL Search Domain Scan URL

URL: https://awards.classy.org/finalists/
Title: <img decoding="async" width="1440" height="1440" src="https://hopeforukraine.net/wp-content/uploads/2023/05/343097483_502672868604243_7009525642236287708_n.jpg" alt="the classy awards logo." title="343097483_502672868604243_7009525642236287708_n" srcset="https://hopeforukraine.net/wp-content/uploads/2023/05/343097483_502672868604243_7009525642236287708_n.jpg 1440w, https://hopeforukraine.net/wp-content/uploads/2023/05/343097483_502672868604243_7009525642236287708_n-1280x1280.jpg 1280w, https://hopeforukraine.net/wp-content/uploads/2023/05/343097483_502672868604243_7009525642236287708_n-980x980.jpg 980w, https://hopeforukraine.net/wp-content/uploads/2023/05/343097483_502672868604243_7009525642236287708_n-480x480.jpg 480w" sizes="(min-width: 0px) and (max-width: 480px) 480px, (min-width: 481px) and (max-width: 980px) 980px, (min-width: 981px) and (max-width: 1280px) 1280px, (min-width: 1281px) 1440px, 100vw" class="wp-image-311900" />

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/profile/81-1401967
Title: <img decoding="async" width="400" height="400" src="https://hopeforukraine.net/wp-content/uploads/2023/05/candid-seal-acwis.jpg" alt="a white square with the words,'condom'and'condom'in black." title="candid-seal-acwis" srcset="https://hopeforukraine.net/wp-content/uploads/2023/05/candid-seal-acwis.jpg 400w, https://hopeforukraine.net/wp-content/uploads/2023/05/candid-seal-acwis-300x300.jpg 300w, https://hopeforukraine.net/wp-content/uploads/2023/05/candid-seal-acwis-150x150.jpg 150w, https://hopeforukraine.net/wp-content/uploads/2023/05/candid-seal-acwis-360x360.jpg 360w" sizes="(max-width: 400px) 100vw, 400px" class="wp-image-311899" />

Search URL Search Domain Scan URL

URL: https://www.charitynavigator.org/ein/811401967
Title: <img decoding="async" width="800" height="800" src="https://hopeforukraine.net/wp-content/uploads/2023/06/award.1.jpg" alt="the four star charity logo." title="award.1" srcset="https://hopeforukraine.net/wp-content/uploads/2023/06/award.1.jpg 800w, https://hopeforukraine.net/wp-content/uploads/2023/06/award.1-480x480.jpg 480w" sizes="(min-width: 0px) and (max-width: 480px) 480px, (min-width: 481px) 800px, 100vw" class="wp-image-312045" />

Search URL Search Domain Scan URL

URL: https://firespring.com/
Title: Firespring

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r20.rs6.net/tn.jsp?f=001j7XJ6bYNJQ0BReUlOPmoSZc-CVDFzqzDioYicAUDK4ASWjKwZKmaJmixpZHc_5FuFr8vM2tiWA71Ooc2HUUnIOej6X3X-a026C3JqZlEPwmV_-U440vYF6YHwj9H8H_FF55NMVL-yMsZAAAzjQ4W1w==&c=nNa54ldPfK57rj-DeBMT4kSeg6LOFbl8bo02eQ5nlX6CilF9wOrUEg==&ch=SSqacCS_4A0yJSD2nJ5OA9CTWoetD3tx_ou13xTm_jE6J_6Jitr_7g== HTTP 302
https://hopeforukraine.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

227 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hopeforukraine.net/
Redirect Chain

https://r20.rs6.net/tn.jsp?f=001j7XJ6bYNJQ0BReUlOPmoSZc-CVDFzqzDioYicAUDK4ASWjKwZKmaJmixpZHc_5FuFr8vM2tiWA71Ooc2HUUnIOej6X3X-a026C3JqZlEPwmV_-U440vYF6YHwj9H8H_FF55NMVL-yMsZAAAzjQ4W1w==&c=nNa54ldPfK...
https://hopeforukraine.net/

488 KB
78 KB

71ms
13ms

Document
text/html

151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

58945e8e2ab81a931628dcdcae84f5b18515d7ec6a39893ac15aa5ff6c75430a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 78867
content-type: text/html; charset=UTF-8
date: Wed, 08 Nov 2023 08:39:55 GMT
fastly-restarts: 1
link: <https://hopeforukraine.net/wp-json/>; rel="https://api.w.org/" <https://hopeforukraine.net/wp-json/wp/v2/pages/16>; rel="alternate"; type="application/json" <https://hopeforukraine.net/>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: Flywheel/5.1.0
vary: Accept-Encoding
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-cacheable: YES
x-content-type-options: nosniff
x-fw-dynamic: TRUE
x-fw-hash: rnldmbaqtj
x-fw-serve: TRUE
x-fw-server: Flywheel/5.1.0
x-fw-static: NO
x-fw-type: VISIT
x-fw-version: 5.0.0
x-served-by: cache-fra-eddf8230031-FRA, cache-fra-eddf8230119-FRA
x-tec-api-origin: https://hopeforukraine.net
x-tec-api-root: https://hopeforukraine.net/wp-json/tribe/events/v1/
x-tec-api-version: v1
x-timer: S1699432796.878084,VS0,VE3
x-xss-protection: 1

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection: close
Content-Length: 0
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 08 Nov 2023 08:39:55 GMT
Location: https://hopeforukraine.net/
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 team.min.css
hopeforukraine.net/wp-content/plugins/awsm-team-pro/css/ 130 KB
17 KB 9ms
8ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/plugins/awsm-team-pro/css/team.min.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

1f7a0f7e2730fce65d1b799027925845d9e94dce9b98ba1457bfa89c10c58239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230089-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 16937
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Mar 2023 14:50:50 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.895165,VS0,VE1
etag: W/"6400b7ca-208dd"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 0aeed2bfa1d13345904d98a5fe2826ed.css
hopeforukraine.net/wp-content/uploads/hummingbird-assets/ 96 KB
21 KB 10ms
9ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/uploads/hummingbird-assets/0aeed2bfa1d13345904d98a5fe2826ed.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

89d56600b6b44f23f105a13a8869c6af02b8d9d1ac054c3f9b93df589d66453c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230077-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 21109
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 16:26:15 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.895147,VS0,VE1
etag: W/"652eb5a7-1818c"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 et-divi-dynamic-tb-12-tb-53119-16-late.css
hopeforukraine.net/wp-content/et-cache/16/ 117 KB
15 KB 12ms
9ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/et-cache/16/et-divi-dynamic-tb-12-tb-53119-16-late.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

44e842f7b56ac462791836c8466beeeeaa5f8152b1e007961e03248eada57809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230108-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 14832
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Oct 2023 14:11:38 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.937262,VS0,VE1
etag: W/"653fb99a-1d363"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 et-divi-dynamic-tb-12-tb-53119-16.css
hopeforukraine.net/wp-content/et-cache/16/ 19 KB
4 KB 18ms
14ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/et-cache/16/et-divi-dynamic-tb-12-tb-53119-16.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

6148663b0d10be6491f0293a8a093676acbd5fd25a0e6812012310a9c5e44d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230139-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 3381
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Nov 2023 01:38:54 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.937528,VS0,VE4
etag: W/"6549952e-4c24"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 style.min.css
hopeforukraine.net/wp-content/plugins/brainblog/styles/ 28 KB
5 KB 13ms
10ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/plugins/brainblog/styles/style.min.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

dcefd91a12702679adbfdf75484d16a56ce3e07c6a2413f3319230fb22fab4af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220101-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 4876
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 May 2023 18:13:49 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.937882,VS0,VE1
etag: W/"64593bdd-6fb1"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 main.min.css
hopeforukraine.net/wp-content/plugins/dc-divi-accessibility-helper/assets/public/css/ 54 B
234 B 13ms
10ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/plugins/dc-divi-accessibility-helper/assets/public/css/main.min.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

c6be8751464dda80ff293b70e6fc28ce5d5d1626f3d0441905ee739faa5c3ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220083-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 72
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Mar 2023 18:41:23 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.937878,VS0,VE2
etag: W/"6419fa53-36"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 style.min.css
hopeforukraine.net/wp-content/plugins/divi-elastic-gallery/styles/ 10 KB
2 KB 12ms
9ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/plugins/divi-elastic-gallery/styles/style.min.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

7f4b6299dc6c621c3d2ce58c7fff0a64b8489168a8ad46916caed6e35ae90b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230045-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 1791
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 27 Mar 2023 15:23:03 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.937858,VS0,VE1
etag: W/"6421b4d7-2613"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 style.min.css
hopeforukraine.net/wp-content/plugins/divi-event-calendar-module/styles/ 80 KB
19 KB 15ms
12ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/plugins/divi-event-calendar-module/styles/style.min.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

e91b7b95b9388a66e42801b2fd88496a28b0e388f26988cc05bef0c3b692b88c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220113-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 18975
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 03:47:53 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.938204,VS0,VE2
etag: W/"64d45de9-140db"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 style.min.css
hopeforukraine.net/wp-content/plugins/divi-machine/styles/ 29 KB
6 KB 14ms
11ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/plugins/divi-machine/styles/style.min.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

156a11f88a1b53dfc45534f270a969fb491c9a3dc75ab8ec2e5313628c6fcfbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230088-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 5933
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 16 Jun 2023 16:58:22 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.938615,VS0,VE1
etag: W/"648c94ae-74cb"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 style.min.css
hopeforukraine.net/wp-content/plugins/divi-mad-menu/styles/ 49 KB
8 KB 14ms
12ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/plugins/divi-mad-menu/styles/style.min.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

8b6cf88f2f321c9e8a0d42eb2129dddfff0dd2087a19ab1ec539726104887194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230127-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 7589
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 03:48:00 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.938857,VS0,VE1
etag: W/"64d45df0-c234"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 style.min.css
hopeforukraine.net/wp-content/plugins/divi-video-gallery/styles/ 6 KB
2 KB 16ms
14ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/plugins/divi-video-gallery/styles/style.min.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

f6d7438de300079d07689045748764946c8136ce94b800639da0ed082a159e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230032-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 1668
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 19 May 2023 19:03:20 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.938410,VS0,VE3
etag: W/"6467c7f8-1969"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 style.min.css
hopeforukraine.net/wp-content/plugins/ds-carousel/styles/ 6 KB
2 KB 13ms
11ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/plugins/ds-carousel/styles/style.min.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

5129ab47678b1765e73bc14eea7f6cec850945b77fa05913f24dd68707b5a19d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220104-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 1494
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Jan 2023 20:10:50 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.938152,VS0,VE1
etag: W/"63c0694a-18ef"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 style.min.css
hopeforukraine.net/wp-content/plugins/ds-flip-box/styles/ 12 KB
2 KB 23ms
21ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/plugins/ds-flip-box/styles/style.min.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

645a421f4db3cc14c8cb2fb6fa400aec5c5bbede092beaadaf64b286e77df763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220068-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 1791
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Jan 2023 23:00:25 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.944698,VS0,VE2
etag: W/"63c09109-2f60"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 style.min.css
hopeforukraine.net/wp-content/plugins/ds-image-gallery/styles/ 6 KB
1 KB 18ms
16ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/plugins/ds-image-gallery/styles/style.min.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

298d4cdac7aa50184fc7d656941ad96f1b0d51774cff34f136b052c6b0c484df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220043-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 1291
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Jan 2023 20:10:18 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.944234,VS0,VE1
etag: W/"63c0692a-18c1"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 css
fonts.googleapis.com/ 79 KB
3 KB 57ms
29ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic|Open+Sans:300,regular,500,600,700,800,300italic,italic,500italic,600italic,700italic,800italic|Oswald:200,300,regular,500,600,700|Unna:regular,italic,700,700italic&subset=latin,latin-ext&display=swap

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67e077693182152afa2b74d45e49181a85e949dd42b6e54401b6783da67353c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 08:39:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Nov 2023 08:39:55 GMT

GET
H2 200 style.min.css
hopeforukraine.net/wp-content/plugins/divi-machine/includes/modules/divi-ajax-filter/styles/ 87 KB
14 KB 39ms
37ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/plugins/divi-machine/includes/modules/divi-ajax-filter/styles/style.min.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

774b48c6351d29f1f17dfb52d755cc3d2f498e810884dc1f0a61a2b91da267fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220073-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 13878
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 16 Jun 2023 16:58:22 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.944228,VS0,VE4
etag: W/"648c94ae-15c20"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 carousel.min.css
hopeforukraine.net/wp-content/plugins/divi-machine/css/ 3 KB
1 KB 19ms
17ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/plugins/divi-machine/css/carousel.min.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

18077e40e233fcda47ac0394fa97e56320f3a2525e809d6091960e58d3d5c6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230035-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 1070
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 16 Jun 2023 16:58:22 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.944760,VS0,VE1
etag: W/"648c94ae-d85"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 16ccbba6fbcb5c0816e14e945d58da20.css
hopeforukraine.net/wp-content/uploads/hummingbird-assets/ 24 B
378 B 19ms
18ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/uploads/hummingbird-assets/16ccbba6fbcb5c0816e14e945d58da20.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

f991cd8cd7d8f49d13e73750bb8c388a91a352b8973c7b4e4d48f103753fb6f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220022-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 44
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 16:26:15 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.944098,VS0,VE2
etag: W/"652eb5a7-18"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 et-core-unified-16.min.css
hopeforukraine.net/wp-content/et-cache/16/ 307 B
425 B 16ms
13ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/et-cache/16/et-core-unified-16.min.css?ver=1699321135

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

984530ba11d53aa12d9a0a6ccd643c77daf7256ad10e9b10d3f1f30dff987799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220034-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 222
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Nov 2023 01:38:55 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.944483,VS0,VE1
etag: W/"6549952f-133"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 et-core-unified-tb-12-tb-53119-deferred-16.min.css
hopeforukraine.net/wp-content/et-cache/16/ 36 KB
6 KB 18ms
15ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/et-cache/16/et-core-unified-tb-12-tb-53119-deferred-16.min.css?ver=1699321136

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

e6b9ef6b57f250447e16fb2d01ceedc5ce4b76f8effc57c20bdd425b75ccba0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220038-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 5555
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Nov 2023 01:38:56 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.944700,VS0,VE2
etag: W/"65499530-8f6c"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 c60ca04e2d4c961acfe8b28cd869e60f.css
hopeforukraine.net/wp-content/uploads/hummingbird-assets/ 19 KB
6 KB 19ms
16ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/uploads/hummingbird-assets/c60ca04e2d4c961acfe8b28cd869e60f.css

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

54752ed0fd548a707fa5520643628167ba2cb0be849d4814b2d95323b22e987e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230036-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 6071
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 16:26:24 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.944021,VS0,VE3
etag: W/"652eb5b0-4cbc"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 67e0b8a72d3f7ce91671920cf54ea71d.js Show response
hopeforukraine.net/wp-content/uploads/hummingbird-assets/ 99 KB
37 KB 13ms
10ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/uploads/hummingbird-assets/67e0b8a72d3f7ce91671920cf54ea71d.js

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

5674b0a11a287377a390c9a6c3c2946b3304596cb4fd10a63f5203a3a85f8a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220039-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 37989
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Sep 2023 20:57:19 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.944020,VS0,VE2
etag: W/"64ff7f2f-18aee"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 1d2beff71d922456c2f8b335b96f05b8.js Show response
hopeforukraine.net/wp-content/uploads/hummingbird-assets/ 93 KB
30 KB 35ms
32ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/uploads/hummingbird-assets/1d2beff71d922456c2f8b335b96f05b8.js

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

cf1167ec51b7ba5a42d08ba7b608c1e2cb768c709a0c3a1ee82ebb7e1d3321d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230071-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 30699
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 16:26:15 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.944127,VS0,VE16
etag: W/"652eb5a7-17543"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 9209bcb644ce742145dc91f58fb8b8a6.js Show response
hopeforukraine.net/wp-content/uploads/hummingbird-assets/ 239 KB
74 KB 19ms
16ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/uploads/hummingbird-assets/9209bcb644ce742145dc91f58fb8b8a6.js

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

011e0598351f5d1b6cb691d11b5b34d2006635bb073742eb4d539fb9a131a126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220052-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 75159
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 16:26:16 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.943966,VS0,VE3
etag: W/"652eb5a8-3bc0a"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 scripts.min.js Show response
hopeforukraine.net/wp-content/themes/Divi/js/ 268 KB
78 KB 18ms
16ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/themes/Divi/js/scripts.min.js

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

124999106b36b91138193de6ae365bc2e97ec51e122e2f967318ce3d662b561b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230022-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 79415
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Jun 2023 15:54:16 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.943946,VS0,VE2
etag: W/"64873fa8-42f5a"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 6f89968f63954ec7c7174d0b133fa4ef.js Show response
hopeforukraine.net/wp-content/uploads/hummingbird-assets/ 84 KB
25 KB 17ms
15ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/uploads/hummingbird-assets/6f89968f63954ec7c7174d0b133fa4ef.js

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

eeeb890f307f0103391d7f1d5c2c5105b7dff058878f46c46960e552f94a2158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230076-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 25077
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 16:26:25 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.944019,VS0,VE2
etag: W/"652eb5b1-14ef5"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 538249b52334d1135f856562c7e1e1b5.js Show response
hopeforukraine.net/wp-content/uploads/hummingbird-assets/ 443 KB
134 KB 15ms
14ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/uploads/hummingbird-assets/538249b52334d1135f856562c7e1e1b5.js

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

0b02607b9dd0dba9c364d599865d471fcd6ed72245636e4e397455034c5c15bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220106-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 136832
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 16:30:03 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.943918,VS0,VE2
etag: W/"652eb68b-6ea57"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
62 KB 53ms
26ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MHQQD9Z

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5adf71ca20f034800a28eb5298a96d4a83ce618eebce2c8c771fa1243cf92dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63139
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Nov 2023 08:39:56 GMT

GET
H2 200 v1.js Show response
static.alliai.com/widget/ 74 KB
15 KB 74ms
9ms Script
application/javascript 2600:9000:2156:5600:17:a0f4:8900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.alliai.com/widget/v1.js
Requested by: Host: hopeforukraine.net
URL: https://hopeforukraine.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5600:17:a0f4:8900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a479ab353988ec7c3893bbc5f3307f8b02d041f779c838e2e31de65c6e9c7657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 04:36:41 GMT
content-encoding: gzip
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Mon, 16 Oct 2023 14:09:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 14596
x-amz-server-side-encryption: AES256
etag: W/"36c9bf23f673dcaa2a7a724a0e4610ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: YirLciQqjOyE38uzc91meyuZJ04YrqvgH9i3jpQ4on2CHX9L1d4Prg==

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 photo_2023-11-06-20.29.15.jpeg
hopeforukraine.net/wp-content/uploads/2023/11/ 161 KB
160 KB 10ms
9ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/11/photo_2023-11-06-20.29.15.jpeg

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

ae993ca5c332448005cc238bbdc9004570dc0cb2a9ad3dceacac76ce07f6cf2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230097-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 163403
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Nov 2023 01:30:54 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.006285,VS0,VE2
etag: W/"6549934e-2845f"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/jpeg
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 Bright-Blue-White-Gradient-Gain-Volunteers-Raise-Funds-Banner-scaled.jpg
hopeforukraine.net/wp-content/uploads/2023/09/ 215 KB
213 KB 9ms
9ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/09/Bright-Blue-White-Gradient-Gain-Volunteers-Raise-Funds-Banner-scaled.jpg

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

0d64dc82bb3f3165d9ffe954b8a85f64a01d53c4b05dbaa3f417d908ab32bcea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230112-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 217771
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Sep 2023 04:01:20 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.006535,VS0,VE2
etag: W/"64ffe290-35a40"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/jpeg
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 395712141_18287328817150001_1294920605767395888_n.jpg
hopeforukraine.net/wp-content/uploads/2023/10/ 360 KB
360 KB 14ms
13ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/10/395712141_18287328817150001_1294920605767395888_n.jpg

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

7592fb11a7a8490437637c12d7fa47825ab0115fb16db57e3c251f3d3f29a553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230086-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 367786
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 29 Oct 2023 22:53:47 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.006647,VS0,VE2
etag: W/"653ee27b-59fd6"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/jpeg
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 cff-sprite.png
hopeforukraine.net/wp-content/plugins/custom-facebook-feed-pro/assets/img/ 6 KB
6 KB 24ms
24ms Image
image/png 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/plugins/custom-facebook-feed-pro/assets/img/cff-sprite.png

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/wp-content/uploads/hummingbird-assets/0aeed2bfa1d13345904d98a5fe2826ed.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

1b848a355be593aa78a3fc3cee64c4c4cc12d8f352852ddd493297843c2d7317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/wp-content/uploads/hummingbird-assets/0aeed2bfa1d13345904d98a5fe2826ed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220051-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 5797
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 18 Apr 2023 19:12:21 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.010334,VS0,VE2
etag: W/"643eeb95-1689"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/png
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 modules.woff
hopeforukraine.net/wp-content/themes/Divi/core/admin/fonts/modules/all/ 90 KB
91 KB 23ms
23ms Font
application/font-woff 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://hopeforukraine.net/
Origin: https://hopeforukraine.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230036-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 92476
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Jun 2023 15:54:12 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.012346,VS0,VE2
etag: "64873fa4-1693c"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: application/font-woff
vary: Authorization
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 home_header_bg_v2.jpg
hopeforukraine.net/wp-content/uploads/2023/01/ 74 KB
65 KB 10ms
9ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/01/home_header_bg_v2.jpg

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/wp-content/et-cache/16/et-core-unified-tb-12-tb-53119-deferred-16.min.css?ver=1699321136

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

833cd2dd1b7dd85e20ad7f0446fa0d0946e52653b3df29299d59313fb0fbadc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/wp-content/et-cache/16/et-core-unified-tb-12-tb-53119-deferred-16.min.css?ver=1699321136
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230049-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 66341
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Jan 2023 20:37:31 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.083990,VS0,VE2
etag: W/"63c06f8b-12885"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/jpeg
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 header_img3.jpg
hopeforukraine.net/wp-content/uploads/2023/02/ 41 KB
42 KB 12ms
12ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/02/header_img3.jpg

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/wp-content/et-cache/16/et-core-unified-tb-12-tb-53119-deferred-16.min.css?ver=1699321136

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

b5555288a111534a08c47cb4de54eb1ec422307b46947af8f2485b3a31059e80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/wp-content/et-cache/16/et-core-unified-tb-12-tb-53119-deferred-16.min.css?ver=1699321136
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230120-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 42443
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Feb 2023 18:20:49 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.085210,VS0,VE1
etag: W/"63e68b01-a5df"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/jpeg
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 header_img4.jpg
hopeforukraine.net/wp-content/uploads/2023/02/ 85 KB
85 KB 13ms
13ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/02/header_img4.jpg

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/wp-content/et-cache/16/et-core-unified-tb-12-tb-53119-deferred-16.min.css?ver=1699321136

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

2657f3f6c74ac3abb29bb0f1dbf51aabe85d184b20a8c05686bcb65ce4548699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/wp-content/et-cache/16/et-core-unified-tb-12-tb-53119-deferred-16.min.css?ver=1699321136
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220066-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 86587
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Feb 2023 18:20:51 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.085397,VS0,VE2
etag: W/"63e68b03-15231"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/jpeg
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 home_map_v2.jpg
hopeforukraine.net/wp-content/uploads/2023/01/ 76 KB
76 KB 12ms
12ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/01/home_map_v2.jpg

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/wp-content/et-cache/16/et-core-unified-tb-12-tb-53119-deferred-16.min.css?ver=1699321136

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

d90a61bf6c040f9d1f54c1257e93a7cef6a0e4efbc9bd4be52a1af9540303dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/wp-content/et-cache/16/et-core-unified-tb-12-tb-53119-deferred-16.min.css?ver=1699321136
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220059-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 77504
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Jan 2023 16:16:08 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.087061,VS0,VE3
etag: W/"63c57848-130fc"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/jpeg
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 footer_bg.jpg
hopeforukraine.net/wp-content/uploads/2023/01/ 276 KB
273 KB 12ms
12ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/01/footer_bg.jpg

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/wp-content/et-cache/16/et-core-unified-tb-12-tb-53119-deferred-16.min.css?ver=1699321136

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

586ac836f00f910cda0fd9010624d92748bf7953ab08ef0a0a386125d835f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/wp-content/et-cache/16/et-core-unified-tb-12-tb-53119-deferred-16.min.css?ver=1699321136
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230090-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 278817
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Jan 2023 14:43:14 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.088168,VS0,VE2
etag: W/"63c01c82-45168"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/jpeg
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/c2199353/www-widgetapi.vflset/ 161 KB
53 KB 38ms
11ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c2199353/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/wp-content/uploads/hummingbird-assets/9209bcb644ce742145dc91f58fb8b8a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

313e3f1e7602532f60ff66976093b05e8372eabcffee2df0814c237b9991d7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 21:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 386102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53399
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:18:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 02 Nov 2024 21:24:54 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 55ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic|Open+Sans:300,regular,500,600,700,800,300italic,italic,500italic,600italic,700italic,800italic|Oswald:200,300,regular,500,600,700|Unna:regular,italic,700,700italic&subset=latin,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hopeforukraine.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 483817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:16:19 GMT

GET
H2 200 AYCLpXzofN0NMiQugG7jRQ.woff2
fonts.gstatic.com/s/unna/v23/ 21 KB
21 KB 87ms
53ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/unna/v23/AYCLpXzofN0NMiQugG7jRQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2df7717098dffdf4ae5519962173934ea68e8ffd2fbeaa873cdd6aad1e4b044b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hopeforukraine.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 16:09:26 GMT
x-content-type-options: nosniff
age: 405030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21528
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:10:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 16:09:26 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 51ms
50ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hopeforukraine.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:18:14 GMT
x-content-type-options: nosniff
age: 483702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:18:14 GMT

POST
H2 200 admin-ajax.php Show response
hopeforukraine.net/wp-admin/ 4 KB
1 KB 3441ms
3440ms XHR
text/html 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-admin/admin-ajax.php

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/wp-content/uploads/hummingbird-assets/67e0b8a72d3f7ce91671920cf54ea71d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

b9bc5f17fc9fd6d7738b6f83e456a2e916bc1739871475eda467f74c5b06f732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept: */*
Referer: https://hopeforukraine.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-fw-static: NO
date: Wed, 08 Nov 2023 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: NO:Not Cacheable
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
x-fw-dynamic: TRUE
server: Flywheel/5.1.0
x-timer: S1699432796.221057,VS0,VE3428
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hopeforukraine.net
x-fw-serve: TRUE
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
vary: Accept-Encoding, Authorization
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0, 0

POST
H2 200 admin-ajax.php Show response
hopeforukraine.net/wp-admin/ 107 B
256 B 3452ms
3452ms XHR
text/html 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hopeforukraine.net/wp-admin/admin-ajax.php

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/wp-content/uploads/hummingbird-assets/67e0b8a72d3f7ce91671920cf54ea71d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

4f303f5ed05445716b9964c24ec7d8a6c54fa09ca78fe53fbe8498d42f463242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept: */*
Referer: https://hopeforukraine.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-fw-static: NO
date: Wed, 08 Nov 2023 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: NO:Not Cacheable
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230119-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
x-fw-dynamic: TRUE
server: Flywheel/5.1.0
x-timer: S1699432796.228305,VS0,VE3439
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hopeforukraine.net
x-fw-serve: TRUE
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
vary: Accept-Encoding, Authorization
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0, 0

GET
H2 200 397123171_6504644189947_960485453729834328_n.jpg
scontent-ord5-1.xx.fbcdn.net/v/t45.1600-4/ 139 KB
139 KB 350ms
111ms Image
image/jpeg 2a03:2880:f082:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ord5-1.xx.fbcdn.net/v/t45.1600-4/397123171_6504644189947_960485453729834328_n.jpg?_nc_cat=101&ccb=1-7&_nc_ohc=udxe4J3-jYMAX_ke6Cz&_nc_oc=AQmUI_zNGhMCcVNYc8fc1iLoZjltnzhTp0HhJYXR3qZFc0EMer4Tpwt7ww4-LkKSJmA&_nc_ht=scontent-ord5-1.xx&edm=AKIiGfEEAAAA&stp=dst-emg0_q75&ur=528f85&_nc_sid=64c8fc&oh=00_AfBm0h2uZnRr2glcyGnDyOUWKVtAa17PaMs14ozYNjcpIQ&oe=654FFA5E
Requested by: Host: hopeforukraine.net
URL: https://hopeforukraine.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f082:9:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a40d09e926b4938f9485827ae2bf901f6e3500c35dd7b35524d50bb8d03cb08f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:56 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 08 Nov 2023 01:58:30 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1466546740
thrift_fmhk: GBDWIU9tPsmLzo4wxQbH9cktFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 328144123
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 141921

GET
H2 200 756835201085500_725098179664032-0-400.jpg
hopeforukraine.net/wp-content/uploads/sb-facebook-feed-images/ 34 KB
34 KB 14ms
12ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/sb-facebook-feed-images/756835201085500_725098179664032-0-400.jpg

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

b7506a0dcc5d09bb34ed909bfcb4be7b39f42efd71ebd596cce3961354ed3868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230104-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 34909
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Nov 2023 13:25:01 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.234623,VS0,VE1
etag: W/"654a3aad-8870"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/jpeg
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 756835201085500_724581826382334-0-400.jpg
hopeforukraine.net/wp-content/uploads/sb-facebook-feed-images/ 39 KB
40 KB 154ms
154ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/sb-facebook-feed-images/756835201085500_724581826382334-0-400.jpg

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

19157679ec7e442a249cbaac32b4a820f2e0d2684d7b92198b37c627c5bc1fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230079-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 40290
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 13:13:47 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.234767,VS0,VE143
etag: W/"6548e68b-9dce"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/jpeg
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 330768415_746200913800617_3776214231911202474_n.jpg
scontent-ord5-2.xx.fbcdn.net/v/t39.30808-1/ 2 KB
2 KB 343ms
108ms Image
image/jpeg 2a03:2880:f082:108:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ord5-2.xx.fbcdn.net/v/t39.30808-1/330768415_746200913800617_3776214231911202474_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=102&ccb=1-7&_nc_sid=5f2048&_nc_ohc=_-9RwO5f5fwAX-rLgZM&_nc_ht=scontent-ord5-2.xx&edm=AKIiGfEEAAAA&oh=00_AfAcnvhk8v1f4Ryg5e5-I3s7e1CEKbXFcqolbm6vKsuhcQ&oe=655029B3
Requested by: Host: hopeforukraine.net
URL: https://hopeforukraine.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f082:108:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 256974bedf14c545cdddd9d170ac6bf3f44b191d7540f8851d2520e1c06a8ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:56 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 11 Feb 2023 14:59:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2468490034
thrift_fmhk: GBBhIYOn9P6IWqLqW1p55rPnFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 836820977
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1666

GET
H2 200 logo_nav.png
hopeforukraine.net/wp-content/uploads/2023/01/ 75 KB
75 KB 67ms
62ms Image
image/png 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/01/logo_nav.png

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

a5ce7a71419f2f0899cb2e490adc48b0f3e37e76106dc3b9ff4d337f3c692493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230118-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 76954
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Jan 2023 20:13:42 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.408391,VS0,VE4
etag: W/"63bf1876-12cc0"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/png
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 520-plate-fork-knife-outline.gif
hopeforukraine.net/wp-content/uploads/2023/02/ 348 KB
252 KB 41ms
36ms Image
image/gif 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/02/520-plate-fork-knife-outline.gif

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

562bff14127278617e08711be778a9ffc5f81c9f9063c706bbf4c177dcf89639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230040-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 257292
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Feb 2023 19:30:52 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.408416,VS0,VE3
etag: W/"63e69b6c-570d0"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/gif
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 1269-medical-stretcher-hospital-bed-outline.gif
hopeforukraine.net/wp-content/uploads/2023/02/ 173 KB
100 KB 42ms
38ms Image
image/gif 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/02/1269-medical-stretcher-hospital-bed-outline.gif

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

4548051fbc85d7fbd530d50bf75841dbda88874d98ca2c405cd96813b35a816d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230054-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 101869
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Feb 2023 19:43:17 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.408386,VS0,VE3
etag: W/"63e69e55-2b343"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/gif
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 485-hospital-outline.gif
hopeforukraine.net/wp-content/uploads/2023/02/ 338 KB
99 KB 32ms
27ms Image
image/gif 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/02/485-hospital-outline.gif

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

750c6368891bf21f8f1df12b5d8cdf78827b1486df20072f037b421d060164c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230029-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 101050
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Feb 2023 19:45:33 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.408565,VS0,VE2
etag: W/"63e69edd-5474c"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/gif
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 1255-first-aid-kit-outline.gif
hopeforukraine.net/wp-content/uploads/2023/02/ 270 KB
162 KB 32ms
28ms Image
image/gif 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/02/1255-first-aid-kit-outline.gif

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

2045bc5941115716a431db7f5f3ff4f7a42beb9b3ba0f1bbf2ad97cb79402a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230056-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 165648
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Feb 2023 19:58:25 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.408372,VS0,VE2
etag: W/"63e6a1e1-43667"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/gif
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 274-male-and-two-female-outline.gif
hopeforukraine.net/wp-content/uploads/2023/02/ 271 KB
196 KB 36ms
33ms Image
image/gif 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/02/274-male-and-two-female-outline.gif

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

d3370236f18fca7f9fa5bc479f0ee0dec3cdaf3c053a123bf6616749e809b828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220028-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 200554
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Feb 2023 19:58:26 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.408329,VS0,VE3
etag: W/"63e6a1e2-43c0a"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/gif
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 63-home-outline.gif
hopeforukraine.net/wp-content/uploads/2023/02/ 212 KB
151 KB 38ms
34ms Image
image/gif 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/02/63-home-outline.gif

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

517a3e0fd53a4a6937d02cce1c46da382aaacc9de1fc3af12299de23c1292ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220062-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 154494
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Feb 2023 19:58:27 GMT
server: Flywheel/5.1.0
x-timer: S1699432796.408361,VS0,VE3
etag: W/"63e6a1e3-350c9"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/gif
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N5H5TSC4YY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHQQD9Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be64d12aac81891963fffd4237a244b3118d60d7fdbbe6b64a336f4abe80a374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 08:39:56 GMT

GET
H2 200 embedded-giving.js Show response
sdk.classy.org/ 42 KB
11 KB 101ms
42ms Script
text/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.classy.org/embedded-giving.js

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd647d8ae1ca393a52b8a8e06afac09b2e8221cce3c4b89a8ebff978b3725b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 556
x-amz-request-id: QR1JBQD5XMMC59JR
x-amz-server-side-encryption: AES256
x-amz-id-2: 3wcguw7Ti5ecYsntzk+qdG04s+NXgl4bwS1lO3ch9U727N5Ea7ZKlem0z26PGcS6vDE0bgkDH5U=
last-modified: Wed, 25 Oct 2023 23:02:09 GMT
cf-bgj: minify
server: cloudflare
etag: W/"f0362a76a22a66f6bd5cfb9f219b182e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60, s-maxage=900, stale-while-revalidate=60
cf-ray: 822c82221ad53809-FRA

GET
H2 403 customizations
d2azal32wgllwk.cloudfront.net/api/v3/widget/site_6ETHS8LJDCvupNyA/ 0
0 641ms
603ms Fetch
text/html 2600:9000:2156:7800:17:a0f4:8900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2azal32wgllwk.cloudfront.net/api/v3/widget/site_6ETHS8LJDCvupNyA/customizations?l=en-US&p=%2F&h=hopeforukraine.net

Requested by

Host: static.alliai.com
URL: https://static.alliai.com/widget/v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:7800:17:a0f4:8900:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://hopeforukraine.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: FRA50-C1
x-cache: Error from cloudfront
content-length: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1699432796&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=YKG1vwrsclqQiPqDPh23f3QfCM7Cdv%2BGu8Q6woTw3W0%3D
x-request-id: 294b85c1-3dd5-4b05-b3b2-1f4813d9c05f
x-runtime: 0.218423
server: Cowboy
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1699432796&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=YKG1vwrsclqQiPqDPh23f3QfCM7Cdv%2BGu8Q6woTw3W0%3D"}]}
access-control-allow-origin: *
content-type: text/html
access-control-expose-headers
cache-control: max-age=3600, public
vary: Origin
x-amz-cf-id: se0s--bj2_9YtjuSJ5wlk__TGBnJ6MOoI1x3qBaJM6zmaoDmeK1K-g==

GET
H2 403 recommendations
d2azal32wgllwk.cloudfront.net/api/v3/widget/site_6ETHS8LJDCvupNyA/ 0
0 603ms
565ms Fetch
text/html 2600:9000:2156:7800:17:a0f4:8900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2azal32wgllwk.cloudfront.net/api/v3/widget/site_6ETHS8LJDCvupNyA/recommendations?l=en-US&p=%2F&h=hopeforukraine.net

Requested by

Host: static.alliai.com
URL: https://static.alliai.com/widget/v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:7800:17:a0f4:8900:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://hopeforukraine.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: FRA50-C1
x-cache: Error from cloudfront
content-length: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1699432796&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=YKG1vwrsclqQiPqDPh23f3QfCM7Cdv%2BGu8Q6woTw3W0%3D
x-request-id: 1fe1ea6f-c36b-434f-a921-ff7c912fc076
x-runtime: 0.168462
server: Cowboy
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1699432796&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=YKG1vwrsclqQiPqDPh23f3QfCM7Cdv%2BGu8Q6woTw3W0%3D"}]}
access-control-allow-origin: *
content-type: text/html
access-control-expose-headers
cache-control: max-age=10800, public
vary: Origin
x-amz-cf-id: sqYNRFTR0bPhYMw0bKa4mh9CffDcaSGPNefXLYrAz0fAmMaaZG2ovA==

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 55ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N5H5TSC4YY&gtm=45je3b60v9101625104z89121228111&_p=1699432795984&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2061562561.1699432797&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699432796&sct=1&seg=0&dl=https%3A%2F%2Fhopeforukraine.net%2F&dt=Hope%20for%20Ukraine%20Charity%20%7C%20Ukraine%20Donation%20Site&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1345
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N5H5TSC4YY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 08:39:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hopeforukraine.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 60ms
19ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N5H5TSC4YY&cid=2061562561.1699432797&gtm=45je3b60v9101625104z89121228111&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N5H5TSC4YY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 08:39:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hopeforukraine.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
409 B 50ms
21ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N5H5TSC4YY&cid=2061562561.1699432797&gtm=45je3b60v9101625104z89121228111&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=308093870

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Nov 2023 08:39:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
donate.hfu.org/give/493707/ Frame 17A0 94 KB
29 KB 1043ms
924ms Document
text/html 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.hfu.org/give/493707/

Requested by

Host: sdk.classy.org
URL: https://sdk.classy.org/embedded-giving.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5473797ba4b9f35c06bfdbf413a3a67e0c755106b5ddc7a5d4fc7e62201bed45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://donate.hfu.org https://hopeforukraine.flywheelsites.com https://hopeforukraine.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hopeforukraine.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 822c8224aa1d18f5-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://donate.hfu.org https://hopeforukraine.flywheelsites.com https://hopeforukraine.net;
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 08:39:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 main.css
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/ Frame 17A0 1 MB
145 KB 85ms
39ms Stylesheet
text/css 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/main.css

Requested by

Host: donate.hfu.org
URL: https://donate.hfu.org/give/493707/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18956d2f9cb5d2e24a34b58e390cd121dfb8d650507a1d1ca30d5ad5e3bb9be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 8BBT3W1QG29EHKAY
age: 41294
cf-polished: origSize=1145155
x-amz-server-side-encryption: AES256
x-amz-id-2: uR7jJrYkCaGF8KA384x2yco178mEeZLvjv1pRcuRE7m3gj9OPZbCS5e7KSRB6C1XO3rFMCaBn1I=
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 01:07:53 GMT
server: cloudflare
etag: W/"55e5d67c21bf2bccf9bc1a71bd12299f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 822c822b6f393809-FRA

GET
H2 200 ddplugin.css
files.doublethedonation.com/app/ Frame 17A0 141 KB
17 KB 105ms
8ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.css
Requested by: Host: donate.hfu.org
URL: https://donate.hfu.org/give/493707/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF6) /
Resource Hash: 60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 08:39:58 GMT
content-encoding: gzip
content-md5: ZRi6wreqb8lyrsIdYQAn/Q==
age: 2339
x-cache: HIT
content-length: 16794
x-ms-lease-status: unlocked
last-modified: Mon, 06 Nov 2023 23:21:44 GMT
server: ECAcc (frc/4CF6)
etag: 0x8DBDF1F24179836
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-ms-request-id: 3f2040b1-401e-0009-7f19-1200d4000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Wed, 08 Nov 2023 09:39:58 GMT

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 17A0 131 KB
45 KB 53ms
12ms Script
application/javascript 2600:9000:2250:a200:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: donate.hfu.org
URL: https://donate.hfu.org/give/493707/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:a200:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

7fa5416dc406fd24291a3d215e542de9cc3ebdd9412495b61a2a1767666c1a74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:58 GMT
content-encoding: br
via: 1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: 1zXXVacUJgch5RHx7PKNOAq_sH5fYQjex92rfshFzhxkktCLQIqoPg==
x-xss-protection: 1; mode=block

GET
H2 200 rocket-loader.min.js Show response
donate.hfu.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 17A0 12 KB
4 KB 94ms
94ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.hfu.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: donate.hfu.org
URL: https://donate.hfu.org/give/493707/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/give/493707/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 27 Oct 2023 14:30:26 GMT
server: cloudflare
content-encoding: gzip
etag: W/"653bc982-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 822c822bdb3918f5-FRA
expires: Fri, 10 Nov 2023 08:39:58 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 17A0 20 KB
7 KB 122ms
43ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: donate.hfu.org
URL: https://donate.hfu.org/give/493707/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://donate.hfu.org/
Origin: https://donate.hfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:58 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 822c822ceca65c02-FRA

GET
H2 404 fontello.css
files.doublethedonation.com/fontello/css/ Frame 17A0 0
0 367ms
366ms Stylesheet
application/xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/fontello/css/fontello.css
Requested by: Host: files.doublethedonation.com
URL: https://files.doublethedonation.com/app/ddplugin.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://files.doublethedonation.com/app/ddplugin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 08 Nov 2023 09:39:58 GMT
x-ms-request-id: 99320d55-001e-0055-511f-12558c000000
date: Wed, 08 Nov 2023 08:39:57 GMT
cache-control: max-age=3600
server: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0
content-length: 223
content-type: application/xml

GET
H2 200 xdi.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 17A0 26 KB
12 KB 39ms
19ms Script
text/javascript 2600:9000:2250:a200:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/xdi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:a200:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9669a10126dc3af0dfb585a7d1f1359638262289968aa7c202ad70de3371f073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://donate.hfu.org/
Origin: https://donate.hfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: 2HwkiXQectHLaswMS7GXtsj7Fj29XM2H
content-encoding: gzip
via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 03:08:30 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 19904
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"00c3b072683167edc19c510fffec8e50-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: ERSRuOPJNuFgPyWlfhanQYMzotzUmSEEBxW7RCUMxGPAZWvVzEuhPA==

GET
H2 200 ui.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 17A0 267 KB
77 KB 16ms
8ms Script
text/javascript 2600:9000:2250:a200:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:a200:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://donate.hfu.org/
Origin: https://donate.hfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: pGLiXkBTZEwR1GE0xA6XjctsUE08zxMZ
content-encoding: gzip
via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 08:17:51 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 5338
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fc84468acd1aa46963b34967f73979cb-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: qVjIEJYZgfmFIBt-VeIOChd4MZiIwCJf2TAt9jD8H1IJzGpaSB_JRw==

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ Frame 17A0 19 KB
5 KB 523ms
126ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 08:39:58 GMT
last-modified: Tue, 07 Nov 2023 16:53:51 GMT
etag: "8079ebfb9a11da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4905
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ Frame 17A0 7 KB
3 KB 53ms
20ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:58 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2819412
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HC30KF03Z4D4F1BP1696345K-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 822c822ed9b865b2-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/donation/ Frame 17A0 184 KB
38 KB 33ms
31ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/donation/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0de2cb4c9ce1677fba9438fca34d6b47936aed59f13069495765343e859578cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:53 GMT
server: cloudflare
x-amz-request-id: WVJ61274PNTTEZQH
age: 26453
etag: W/"089b8a713fff449a3d5d50ad1c44b6b9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 822c822e9b1e3809-FRA
x-amz-id-2: wGFhUNQa2mWMhipiuWR64WDdUajGE3e3JNXB7Hifnc3tAzrA8PjvAigYKFDJFza80kQBqhldzTA=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/ Frame 17A0 2 MB
387 KB 47ms
45ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38fb913bc8a440947a0a4605ceac8b470899ade135151adefe63efa150810ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: 4CWMTHDXAE2HR5VB
age: 26528
etag: W/"0c27168ea89a2ca7b04c8e7c8a5b75d3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 822c822e9b203809-FRA
x-amz-id-2: xfq8qBPbqecH6xwCYcz4eG3R93h+663IL20BI3//DZV8VBIi/T1wK/cJK8GJt3K5KRFnOYg4rJo=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/ Frame 17A0 1 MB
429 KB 38ms
37ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/libs.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: WVJ5SBSXNGWFK39R
age: 26529
etag: W/"89ff3b468454fac32729fc74e3c9be17"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 822c822eab243809-FRA
x-amz-id-2: woitHntYLLD5jpWgHqnmHl8HFbfACqNgbtfRDfebpN/PtxCDsL1ATf8wung+edgAH0fjEtAV3sg=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame 17A0 143 KB
43 KB 76ms
40ms Script
application/javascript 13.32.121.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d91d7fd9c0611ab9052a2124103f31709e6ac6609b159669d315c5f0fe16604

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 16:16:44 GMT
x-amz-version-id: XJ6iXoa3EjUi7j7TbLm3UWuIj8Y_gOQp
content-encoding: gzip
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
x-amz-request-id: V4F20ZMPXG9XF1C3
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
age: 58995
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: 2kdS6MVQrr3Qg5yLLLZuk8doV8Je/VNr9vZavYnYcfx0l+3e4xsfYBQpSHigYKYjQMzfbizHkZc=
last-modified: Tue, 07 Nov 2023 16:04:32 GMT
server: AmazonS3
etag: W/"76e58bb89a40485135048833c39782c2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: Xyx-YHIQFDaVuxs0CXLi_zVCgqU2upWRp1cp-OAaRafYco_-dNVVGw==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 17A0 552 KB
153 KB 55ms
10ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0524593c51d313589e0e8e8a8b069c1c7ecc5dc94a2c59dd2809b0e326d407f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 08:39:58 GMT
via: 1.1 varnish
age: 15
x-cache: HIT
content-length: 156099
x-request-id: c3981151-6bd4-4a00-8831-6b2c8920e3da
x-served-by: cache-fra-etou8220068-FRA
last-modified: Tue, 07 Nov 2023 21:59:01 GMT
server: Fastly
etag: "7b44d268e0c6393b9663b52a3c1d850a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 ddplugin.js Show response
files.doublethedonation.com/app/ Frame 17A0 450 KB
116 KB 9ms
8ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C94) /
Resource Hash: 0edf8bc8c6df3c99cc8b025fe674ca0cf1f515459ea160d4a39942bb80988f48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Nov 2023 08:39:58 GMT
content-encoding: gzip
content-md5: PjbR72YH56HH6wNQ6eeAfg==
age: 1902
x-cache: HIT
content-length: 118376
x-ms-lease-status: unlocked
last-modified: Mon, 06 Nov 2023 23:21:44 GMT
server: ECAcc (frc/4C94)
etag: 0x8DBDF1F24246784
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ms-request-id: 2995811b-501e-0067-051a-1255fb000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Wed, 08 Nov 2023 09:39:58 GMT

GET
H2 200 cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 17A0 15 KB
4 KB 10ms
8ms Stylesheet
text/css 2600:9000:2250:a200:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:a200:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: JWSMp_NTaRFeSeqpmxFPkel0LiL4cMwY
content-encoding: gzip
via: 1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 02:09:22 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 23437
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fb3f2afd9f46893bb196329ab90276a6-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: G4sNtiZozJCMDIoBkd1e4uHJYEs8tidfVCQIHIQr5TEIgE75Q2LH5g==

GET
H2 200 en.json Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ Frame 17A0 8 KB
3 KB 10ms
9ms Fetch
application/json 2600:9000:2250:a200:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:a200:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: Pw3hE5sAYQ0kvHESktDQjUKbfeKteOb6
content-encoding: gzip
via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
date: Wed, 08 Nov 2023 02:12:10 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 26886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"ecabc5423541bd640b7f7a45cb696671-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: il9lzL4pmygVfktCDHYf25Lp3Y4x4_vDJWkYb4IHYjyAOz0E0D5r7Q==

GET
H2 200 candid-seal-acwis.jpg
hopeforukraine.net/wp-content/uploads/2023/06/ 23 KB
17 KB 472ms
472ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/06/candid-seal-acwis.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

ad579d3c56c575ce438555fdbd2ed292af51f652603858b64ce44cf29785f79a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-etou8220067-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 17343
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 10 Jun 2023 02:52:11 GMT
server: Flywheel/5.1.0
x-timer: S1699432799.727069,VS0,VE463
etag: W/"6483e55b-5de4"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/jpeg
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 sdk.js Show response
donate.hfu.org/sso/ Frame 17A0 26 KB
7 KB 168ms
168ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.hfu.org/sso/sdk.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca59ea276635e06f4153a8979c26329c234dcc44673066902f6971ecdefc758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/give/493707/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2023 08:39:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 822c8230fa0f18f5-FRA
expires: Wed, 08 Nov 2023 08:59:58 GMT

GET
H2 200 4StarSquare-1.jpg
hopeforukraine.net/wp-content/uploads/2023/06/ 82 KB
70 KB 10ms
9ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopeforukraine.net/wp-content/uploads/2023/06/4StarSquare-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

81e2c91b84062e51f235edfb4abbd202aed18a7c1e5194d8f496c1153f0f797b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hopeforukraine.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fw-static: YES
date: Wed, 08 Nov 2023 08:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, HIT
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-fra-eddf8230106-FRA, cache-fra-eddf8230119-FRA
x-fw-type: VISIT
content-length: 71288
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 10 Jun 2023 04:18:38 GMT
server: Flywheel/5.1.0
x-timer: S1699432799.923494,VS0,VE2
etag: W/"6483f99e-1466e"
x-fw-hash: rnldmbaqtj
x-fw-version: 5.0.0
content-type: image/jpeg
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 5FE0 200 B
842 B 8ms
8ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.hfu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5224521
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 08:39:59 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 327586
x-content-type-options: nosniff
x-request-id: 5094ac9e-99b2-4f83-8b25-5766f85905d3
x-served-by: cache-fra-etou8220068-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 17A0 993 B
2 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9784a0bbe8067a8166fb722480f242abbcec13f47fe05b4c4210a16956cc2bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 08 Nov 2023 08:39:59 GMT

POST
H2 204 rum Show response
donate.hfu.org/cdn-cgi/ Frame 17A0 0
141 B 14ms
12ms XHR
text/plain 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.hfu.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-9dd24727c9d419dc----1699432799523
traceparent: 00-fbf66e00e9925759e63f3c96608d9d00-9dd24727c9d419dc-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5ZGQyNDcyN2M5ZDQxOWRjIiwidHIiOiJmYmY2NmUwMGU5OTI1NzU5ZTYzZjNjOTY2MDhkOWQwMCIsInRpIjoxNjk5NDMyNzk5NTIzfX0=
content-type: application/json
Referer: https://donate.hfu.org/give/493707/

Response headers

date: Wed, 08 Nov 2023 08:39:59 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://donate.hfu.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 822c8235083118f5-FRA

GET
H2 200 channels Show response
donate.hfu.org/frs-api/campaigns/493707/ Frame 17A0 1 KB
683 B 455ms
455ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.hfu.org/frs-api/campaigns/493707/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

528f7e41c2da033c5cab9bb987e039b15dee710505f1fba2e29edddeeb67889f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-dbf955d6b40a2425----1699432799526
traceparent: 00-69c2c587da2d66eb15f251348d422b00-dbf955d6b40a2425-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJkYmY5NTVkNmI0MGEyNDI1IiwidHIiOiI2OWMyYzU4N2RhMmQ2NmViMTVmMjUxMzQ4ZDQyMmIwMCIsInRpIjoxNjk5NDMyNzk5NTI2fX0=
Accept: application/json, text/plain, */*
Referer: https://donate.hfu.org/give/493707/

Response headers

date: Wed, 08 Nov 2023 08:39:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"40f-vleVFNqmFGwHnxWXV5skWb3W+mw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 822c8235083618f5-FRA

GET
H2 200 tax-entities Show response
donate.hfu.org/frs-api/organizations/84741/ Frame 17A0 629 B
533 B 423ms
423ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.hfu.org/frs-api/organizations/84741/tax-entities

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f289061ed2fb91aa5a6286281040348271e1c70126d7035a6697a737d3e1330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-1ca8d9ad3c208310----1699432799622
traceparent: 00-b01a06aabb4307eb11acf3d44d2d2100-1ca8d9ad3c208310-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxY2E4ZDlhZDNjMjA4MzEwIiwidHIiOiJiMDFhMDZhYWJiNDMwN2ViMTFhY2YzZDQ0ZDJkMjEwMCIsInRpIjoxNjk5NDMyNzk5NjIyfX0=
Accept: application/json, text/plain, */*
Referer: https://donate.hfu.org/give/493707/

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"275-hVBGJSQ6iztYju0P1SRH0WV+b2A"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 822c8235a8e918f5-FRA

GET
H2 200 ach-account-routing Show response
donate.hfu.org/frs-api/organizations/84741/ Frame 17A0 33 B
285 B 437ms
437ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.hfu.org/frs-api/organizations/84741/ach-account-routing

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-5b660a05a256606d----1699432799798
traceparent: 00-281a57d0d4b0c0371b2b8870a5986e00-5b660a05a256606d-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1YjY2MGEwNWEyNTY2MDZkIiwidHIiOiIyODFhNTdkMGQ0YjBjMDM3MWIyYjg4NzBhNTk4NmUwMCIsInRpIjoxNjk5NDMyNzk5Nzk4fX0=
Accept: application/json, text/plain, */*
Referer: https://donate.hfu.org/give/493707/

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 822c8236ca5118f5-FRA
content-length: 33

GET
H2 200 currency-conversions Show response
donate.hfu.org/frs-api/i18n/ Frame 17A0 75 B
469 B 397ms
396ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.hfu.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab2f0ecefec4b6679dda1810fc08c8e1f8f930436753344f20b55928230a963b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-665d8ee7b478785f----1699432799829
traceparent: 00-13e507bfaa225dad8155f1ae3dc47500-665d8ee7b478785f-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2NjVkOGVlN2I0Nzg3ODVmIiwidHIiOiIxM2U1MDdiZmFhMjI1ZGFkODE1NWYxYWUzZGM0NzUwMCIsInRpIjoxNjk5NDMyNzk5ODI5fX0=
Accept: application/json, text/plain, */*
Referer: https://donate.hfu.org/give/493707/

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-iPgZxI4H/H2aB/vS6w3kW8T7Cu4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 822c8236fa8818f5-FRA

GET
H2 200 plaid Show response
pay.classy.org/token/ Frame 17A0 88 B
690 B 295ms
248ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=24818&currency=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://donate.hfu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 3a082064-ee79-402d-907b-bcded5a3d26f
cf-ray: 822c82375fa85d55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 user-icon.png
donate.hfu.org/static/global/images/ Frame 17A0 4 KB
5 KB 403ms
396ms Image
image/png 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.hfu.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/give/493707/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
last-modified: Fri, 03 Nov 2023 01:03:42 GMT
server: cloudflare
etag: "654446ee-11ec"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 822c82373acd18f5-FRA
content-length: 4588
expires: Thu, 07 Nov 2024 08:40:00 GMT

GET
H2 200 embedded-giving-logo-visa.svg
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/ Frame 17A0 1 KB
899 B 38ms
32ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/embedded-giving-logo-visa.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: TB14GAJGG0PTTJ0M
age: 23565
etag: W/"b327a8825ae28019462c8c3f5b4770c0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 822c82373dd03809-FRA
x-amz-id-2: 9StytI1a0z6Dzo9ljZ36K77NGCPwFy3YrmJax4U0YT55mSd3YWn49k1dGQ5v1YWp3RSgwi7ohYw=

GET
H2 200 embedded-giving-logo-amex.svg
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/ Frame 17A0 1 KB
867 B 40ms
35ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/embedded-giving-logo-amex.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: STTH52F7RE81EDYP
age: 24367
etag: W/"0b1b4bc87aebc780d3ad6095fd447a24"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 822c82373dd53809-FRA
x-amz-id-2: XGzfRPbRDP1CNwZwDSZY9AuJM9LaXXODTCcy/LvfCr/3jTvGzLiESBmT3pCzrdCeHayD9WtbA2Au9c9/U09YUupaqzTiNkh5

GET
H2 200 embedded-giving-logo-discover.svg
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/ Frame 17A0 3 KB
1 KB 43ms
38ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/embedded-giving-logo-discover.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: TB19NK6ABZAHH4X2
age: 23565
etag: W/"d51cee8f590a54e755ac3501c1bd7342"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 822c82373dd73809-FRA
x-amz-id-2: OCGALsGBKkJR4ZvnPblv0Hl6zBgMjTNYAi3RbK8FR9YN2ltylhvPcpiQoHZNS+m+v4qE1kIUpRE=

GET
H2 200 embedded-giving-logo-mastercard.svg
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/ Frame 17A0 1 KB
1 KB 41ms
36ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/embedded-giving-logo-mastercard.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: TB10FFFEW1GQ5ZK9
age: 23565
x-amz-server-side-encryption: AES256
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_vRMNVsQ6oQcsUf.wFa_vqLn3HF6PJsLTkBpChRoTY4-1699432799-0-AawauqdckhDUc1IsSYi_nCT6m6RqGny5B8GKcjeMMOH94k27QY-kV2l4KUU7xPHMcGnBVOflYiKnQJMkh7WGnEdF_eQwxT3kuXWUlZ2KpRgplokcYL0rlh25uwfpcKNery8IZMbb6MPNYfdcNdNJXnWyPeYl_WSW7nq8cOC8ixm7; report-to cf-csp-endpoint
x-amz-id-2: fU5EPr01PlaG9y8Q3lnbUb/d57ccLHLR3EjvOfaq199kU65/j5hQAGL2ypjBbJaWhMyrZWLhv3Q=
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
etag: W/"26fb3de4519ed38ceec90bc98250ba1f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=_vRMNVsQ6oQcsUf.wFa_vqLn3HF6PJsLTkBpChRoTY4-1699432799-0-AawauqdckhDUc1IsSYi_nCT6m6RqGny5B8GKcjeMMOH94k27QY-kV2l4KUU7xPHMcGnBVOflYiKnQJMkh7WGnEdF_eQwxT3kuXWUlZ2KpRgplokcYL0rlh25uwfpcKNery8IZMbb6MPNYfdcNdNJXnWyPeYl_WSW7nq8cOC8ixm7"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 822c82373dd93809-FRA

GET
H2 200 embedded-giving-shield-icon.svg
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/ Frame 17A0 6 KB
2 KB 34ms
31ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/embedded-giving-shield-icon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: 6VZF5MYEF261BTXZ
age: 24367
etag: W/"46fd834e95514def799fa0626c78233c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 822c82373dda3809-FRA
x-amz-id-2: 0dTpP6KiO9XPRFydtEpY2ETd2A7MMhWRJe3f3U32+u4dY2Vdt3XTbxeGTTGlmYq/ya7A1aY4LkI=

GET
H2 200 embedded-giving-logo-ach.svg
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/ Frame 17A0 1 KB
948 B 36ms
33ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/embedded-giving/embedded-giving-logo-ach.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
x-amz-request-id: 083MBF265HYWHFJT
age: 15860
etag: W/"d71add3c9962a21340ec557ac0628bf7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 822c82373ddc3809-FRA
x-amz-id-2: Uor/ZkSEM6M0W9gNWPWXYfQGgEWFi2F2kknCKuzl1Z0nfbLbMBWiLTCpPbd7VWoD7NQQ2IrxMoo=

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/ Frame 17A0 394 B
688 B 30ms
30ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: VXXMVY45B08PD2B7
age: 3291
cf-polished: origFmt=png, origSize=547
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: ve6n7TJuMc3Dsw6VBn4aoBZobgM+my023X46h0nImAWhlHvb53NwU3S2VMVEui9zq7yeabhdAwM=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 01:07:54 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 822c82375e013809-FRA

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/fonts/ Frame 17A0 42 KB
43 KB 66ms
32ms Font
application/x-font-woff 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5013720a1091644b368a9265d4c42b174b4536b40bf423f95ffc38f8ad1fe1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/main.css
Origin: https://donate.hfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:39:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: 7H6HAZRG9KXJF31M
age: 44060
x-amz-server-side-encryption: AES256
content-length: 43184
x-amz-id-2: imgn7E7UmVthnnsfHV2wBVI8Cz3QDXzvifx3IIOASb8YHo2BEz6QZtNu1HjbsA6mkGREewDPdhc=
last-modified: Fri, 03 Nov 2023 01:07:53 GMT
server: cloudflare
etag: "c16dd065e52479f3eb570bada1ac44a0"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 822c82377a2419b3-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/fonts/ Frame 17A0 65 KB
66 KB 610ms
576ms Font
binary/octet-stream 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/247cab82a6a40fe89592359b6961944b52d9a282/static/frs/main.css
Origin: https://donate.hfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-amz-request-id: H17R5MFFCAP09SHW
x-amz-server-side-encryption: AES256
content-length: 66624
x-amz-id-2: Bv9QIe7quCZQTtK0sKDZZR+LUncWELXVaJRBSmj53YV1GsJY6H98PeVEcD0jRwhbT30lYoHAp2g=
last-modified: Fri, 03 Nov 2023 01:07:53 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 822c82377a2819b3-FRA

POST
H2 204 rum Show response
donate.hfu.org/cdn-cgi/ Frame 17A0 0
37 B 12ms
11ms XHR
text/plain 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.hfu.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-0c463185c64eb225----1699432799896
traceparent: 00-c6a4cd1524fc887c46d6e70345f6a500-0c463185c64eb225-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwYzQ2MzE4NWM2NGViMjI1IiwidHIiOiJjNmE0Y2QxNTI0ZmM4ODdjNDZkNmU3MDM0NWY2YTUwMCIsInRpIjoxNjk5NDMyNzk5ODk2fX0=
content-type: application/json
Referer: https://donate.hfu.org/give/493707/

Response headers

date: Wed, 08 Nov 2023 08:39:59 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://donate.hfu.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 822c82375b1618f5-FRA

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame 17A0 88 KB
31 KB 580ms
155ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://donate.hfu.org/
Origin: https://donate.hfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 49286
x-cache: HIT, HIT
content-length: 30957
x-served-by: cache-lga13629-LGA, cache-bom4722-BOM
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699432800.418120,VS0,VE0
etag: W/"28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 10, 21285

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5FE0 631 B
527 B 17ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 08:39:59 GMT
via: 1.1 varnish
age: 5224521
x-cache: HIT
content-length: 399
x-request-id: e855968c-58c6-48da-9d24-99c58619292b
x-served-by: cache-fra-etou8220068-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 310962

GET
H2 200 css
fonts.googleapis.com/ Frame 17A0 11 KB
843 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Nov 2023 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 08:13:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Nov 2023 08:39:59 GMT

GET
H2 200 transaction-estimates Show response
donate.hfu.org/frs-api/campaign/493707/ Frame 17A0 364 B
255 B 434ms
434ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.hfu.org/frs-api/campaign/493707/transaction-estimates?amex=false&amount=0&currency=USD&fot=false&international=false&payment_method=DW&processor_name=STRIPE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

821f3475222aa7c8f2e0914d5d12f95c45058493234d841885eff39cf52f5135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-bccf476a921e2a1c----1699432799918
traceparent: 00-49fcb92a3848664de11a0aa9a92f9a00-bccf476a921e2a1c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiY2NmNDc2YTkyMWUyYTFjIiwidHIiOiI0OWZjYjkyYTM4NDg2NjRkZTExYTBhYTlhOTJmOWEwMCIsInRpIjoxNjk5NDMyNzk5OTE4fX0=
Accept: application/json, text/plain, */*
Referer: https://donate.hfu.org/give/493707/

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"16c-/cjtC0AtFVGHDWHfsQg94FYiEgw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 822c82378b4918f5-FRA

GET
H2 200 transaction-estimates Show response
donate.hfu.org/frs-api/campaign/493707/ Frame 17A0 364 B
822 B 485ms
485ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.hfu.org/frs-api/campaign/493707/transaction-estimates?amex=false&amount=0&currency=USD&fot=false&international=false&payment_method=DW&processor_name=STRIPE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

821f3475222aa7c8f2e0914d5d12f95c45058493234d841885eff39cf52f5135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-6e81911853f02fd8----1699432799921
traceparent: 00-688f84849fbd42fe3acca71bae3d6400-6e81911853f02fd8-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2ZTgxOTExODUzZjAyZmQ4IiwidHIiOiI2ODhmODQ4NDlmYmQ0MmZlM2FjY2E3MWJhZTNkNjQwMCIsInRpIjoxNjk5NDMyNzk5OTIxfX0=
Accept: application/json, text/plain, */*
Referer: https://donate.hfu.org/give/493707/

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"16c-/cjtC0AtFVGHDWHfsQg94FYiEgw"
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=4V.TYLZf62Hm97Adub.j4jOiOhmP9voBITGlVTSDwps-1699432800-0-AVATJub5yls2SLGidgPY098aYQpNLC9J_mRhh4t2eA8rz5xSCspg9MrpOPFmvdLfo2Esi8nFEqa9NHneddJnqQUTsBiEKKw0XtnYHrZtNpHD23MN-TKeJSQ8YBHu4oVSYTPd6dupxfe4EuvSofMVv1A; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=4V.TYLZf62Hm97Adub.j4jOiOhmP9voBITGlVTSDwps-1699432800-0-AVATJub5yls2SLGidgPY098aYQpNLC9J_mRhh4t2eA8rz5xSCspg9MrpOPFmvdLfo2Esi8nFEqa9NHneddJnqQUTsBiEKKw0XtnYHrZtNpHD23MN-TKeJSQ8YBHu4oVSYTPd6dupxfe4EuvSofMVv1A"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cf-ray: 822c82378b5218f5-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame 5FE0 0
718 B 550ms
174ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432800414712
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699432800414160
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 5FE0 0
717 B 553ms
177ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432800415611
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699432800414495
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/2be84af7/www-widgetapi.vflset/ Frame 17A0 215 KB
67 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2be84af7/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7507ad2027c552f3600db1fed77807298337de407710ebb6b75dd42797f0415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:07:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68165
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:13:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Nov 2024 08:07:12 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame EA25 930 B
2 KB 139ms
9ms Document
text/html 2600:9000:206f:b200:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:b200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 190
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 08:36:51 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-id: mP-W4HUaBqhopnZa3EeHbdfMrMSNNEEbSBlXW2L1xDc2_l7lagojSw==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 17A0 29 KB
30 KB 83ms
82ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.hfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 09:12:14 GMT
x-content-type-options: nosniff
age: 170866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 09:12:14 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 17A0 29 KB
29 KB 84ms
84ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.hfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 09:12:14 GMT
x-content-type-options: nosniff
age: 170866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 09:12:14 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 17A0 32 KB
32 KB 75ms
73ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.hfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 19:15:25 GMT
x-content-type-options: nosniff
age: 480275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 19:15:25 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 17A0 32 KB
32 KB 76ms
75ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.hfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 19:15:25 GMT
x-content-type-options: nosniff
age: 480275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 19:15:25 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 17A0 29 KB
29 KB 66ms
65ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.hfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 09:12:14 GMT
x-content-type-options: nosniff
age: 170866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 09:12:14 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 17A0 29 KB
29 KB 69ms
68ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.hfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 09:12:14 GMT
x-content-type-options: nosniff
age: 170866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 09:12:14 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 17A0 29 KB
29 KB 71ms
70ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.hfu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 09:12:14 GMT
x-content-type-options: nosniff
age: 170866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 09:12:14 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame EA25 0
491 B 291ms
175ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432800414800
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1699432800414338
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame EA25 87 KB
14 KB 10ms
10ms Script
text/javascript 2600:9000:206f:b200:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:b200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:38:47 GMT
content-encoding: br
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 74
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: aiu0E-sxO6aeyPNjGVQ6rTwNBbLjsW-sK-M0wApprJ9jhxj3BxrWuQ==

GET transaction-estimates
donate.hfu.org/frs-api/campaign/493707/ Frame 17A0 0
0

POST
H2 200 6 Show response
m.stripe.com/ Frame EA25 156 B
668 B 548ms
179ms XHR
application/json 18.236.9.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.236.9.94 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-236-9-94.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b69a25dc199eefb0eaa6100867d9e4d238c58a33accddf2b260f1eeee707489b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432800800711
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699432800800289
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 controller-d9678bdd3bd53f13b263f8cb303c8ff6.html Show response
js.stripe.com/v3/ Frame E9AE 325 B
875 B 9ms
9ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

66739acaaa4a97f905fa0dbc1f9c79ae864e74f800856ae12b3988debfa986fd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.hfu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 44
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 08:40:00 GMT
etag: "d9678bdd3bd53f13b263f8cb303c8ff6"
last-modified: Tue, 07 Nov 2023 21:22:28 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 16
x-content-type-options: nosniff
x-request-id: 89459569-4b0e-432c-bdca-92424fbab7a8
x-served-by: cache-fra-etou8220068-FRA

GET
H2 200 payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html Show response
js.stripe.com/v3/ Frame 3812 408 B
969 B 7ms
6ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

254a4f72d93d5ee58581a41bf216a4fa457e8d4f7ba157c259f5b0065c8919c5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.hfu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 40505
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 08:40:00 GMT
etag: "5193e04cdbb8b74183f82b5fa37af57f"
last-modified: Tue, 07 Nov 2023 21:22:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 324
x-content-type-options: nosniff
x-request-id: f7a12dc1-73bc-4b95-9fbe-0b776a67aa9e
x-served-by: cache-fra-etou8220068-FRA

GET
H2 200 payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html Show response
js.stripe.com/v3/ Frame B816 344 B
976 B 9ms
9ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

af3d716fd80fdee9a734dc9a3b2593245a08929fe7b5f42884eaacc651fe6f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.hfu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 50
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 08:40:00 GMT
etag: "776ea7e8cfad736af619f73414cf2123"
last-modified: Tue, 07 Nov 2023 21:22:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 2babca59-a843-4b86-b6de-32c4d30ae596
x-served-by: cache-fra-etou8220068-FRA

GET
H2 200 payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html Show response
js.stripe.com/v3/ Frame 018F 408 B
301 B 15ms
7ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

254a4f72d93d5ee58581a41bf216a4fa457e8d4f7ba157c259f5b0065c8919c5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.hfu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 40505
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 08:40:00 GMT
etag: "5193e04cdbb8b74183f82b5fa37af57f"
last-modified: Tue, 07 Nov 2023 21:22:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 325
x-content-type-options: nosniff
x-request-id: 8da363a9-bb96-4e41-9745-1c0aab82c89a
x-served-by: cache-fra-etou8220068-FRA

GET
H2 200 payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html Show response
js.stripe.com/v3/ Frame 8816 344 B
392 B 10ms
8ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

af3d716fd80fdee9a734dc9a3b2593245a08929fe7b5f42884eaacc651fe6f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.hfu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 50
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 08 Nov 2023 08:40:00 GMT
etag: "776ea7e8cfad736af619f73414cf2123"
last-modified: Tue, 07 Nov 2023 21:22:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 8c2efb9c-62b9-46d0-bc70-c794815dbf00
x-served-by: cache-fra-etou8220068-FRA

GET
H2 200 iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js Show response
donate.hfu.org/sso/ssobuild/js/ Frame 17A0 12 KB
5 KB 57ms
56ms XHR
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.hfu.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-1d93fc8c2149b266----1699432800583
traceparent: 00-c5b4bf66889437d2c6d3f4ca2c7ef100-1d93fc8c2149b266-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxZDkzZmM4YzIxNDliMjY2IiwidHIiOiJjNWI0YmY2Njg4OTQzN2QyYzZkM2Y0Y2EyYzdlZjEwMCIsInRpIjoxNjk5NDMyODAwNTgzfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://donate.hfu.org/give/493707/
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 19:49:10 GMT
cf-bgj: minify
server: cloudflare
age: 668949
etag: W/"65397136-316e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 822c823ba87d18f5-FRA
expires: Wed, 30 Oct 2024 14:50:50 GMT

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E9AE 532 KB
129 KB 8ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 08:40:00 GMT
via: 1.1 varnish
age: 40562
x-cache: HIT
content-length: 131812
x-request-id: 55855ff6-63b9-47ae-9125-59c056f78420
x-served-by: cache-fra-etou8220068-FRA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5266

GET
H2 200 controller-22767579e868646fe8fee170ca5969e2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E9AE 652 KB
170 KB 14ms
13ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-22767579e868646fe8fee170ca5969e2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e973184fdfd8d34a092c8372b01b5a26eba02a08a1027bdc4faac414c93d59bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 08:40:00 GMT
via: 1.1 varnish
age: 40562
x-cache: HIT
content-length: 173826
x-request-id: 1cd049b5-3948-44d7-ab9a-c0179429ef40
x-served-by: cache-fra-etou8220068-FRA
last-modified: Tue, 07 Nov 2023 21:22:39 GMT
server: Fastly
etag: "f776c00e01bc6a7932584c5dc3addff7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5216

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 3812 118 KB
37 KB 119ms
71ms Script
application/javascript 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2665ff8dd613b62af6d60c79e90069e3739b39e050f953fac88e46183d51d747

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-XKFUnx8oQOisLCjt3a1bNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-XKFUnx8oQOisLCjt3a1bNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 08 Nov 2023 08:40:00 GMT

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3812 532 KB
129 KB 11ms
11ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 08:40:00 GMT
via: 1.1 varnish
age: 40562
x-cache: HIT
content-length: 131812
x-request-id: c190ab02-ebf6-4f59-99ef-a0f48cf18f6e
x-served-by: cache-fra-etou8220068-FRA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5267

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3812 10 KB
4 KB 7ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 08:40:00 GMT
via: 1.1 varnish
age: 1264682
x-cache: HIT
content-length: 4272
x-request-id: 9a170aea-dd60-48d7-b2b5-2c13c76a8315
x-served-by: cache-fra-etou8220068-FRA
last-modified: Tue, 24 Oct 2023 17:19:12 GMT
server: Fastly
etag: "947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7894

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B816 532 KB
129 KB 21ms
18ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 08:40:00 GMT
via: 1.1 varnish
age: 40562
x-cache: HIT
content-length: 131812
x-request-id: 66be98fe-bcaa-40ad-bc8f-9656886d7eaa
x-served-by: cache-fra-etou8220068-FRA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5268

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B816 12 KB
5 KB 18ms
15ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 08:40:00 GMT
via: 1.1 varnish
age: 2525670
x-cache: HIT
content-length: 4877
x-request-id: eb23716c-dc02-45e4-bb88-31111f404c27
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 09 Oct 2023 20:07:19 GMT
server: Fastly
etag: "330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17797

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 018F 118 KB
36 KB 116ms
75ms Script
application/javascript 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2665ff8dd613b62af6d60c79e90069e3739b39e050f953fac88e46183d51d747

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-bIVDYGcfRcZPK4rixMn4CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-bIVDYGcfRcZPK4rixMn4CA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 08 Nov 2023 08:40:00 GMT

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 018F 532 KB
129 KB 22ms
20ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 08:40:00 GMT
via: 1.1 varnish
age: 40562
x-cache: HIT
content-length: 131812
x-request-id: 47459254-7f83-4684-a839-5867f728b7b7
x-served-by: cache-fra-etou8220068-FRA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5269

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 018F 10 KB
4 KB 8ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-5193e04cdbb8b74183f82b5fa37af57f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 08:40:00 GMT
via: 1.1 varnish
age: 1264682
x-cache: HIT
content-length: 4272
x-request-id: c5b6a1ab-868a-4be4-86e0-f6f1d28eda4c
x-served-by: cache-fra-etou8220068-FRA
last-modified: Tue, 24 Oct 2023 17:19:12 GMT
server: Fastly
etag: "947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7895

GET
H2 200 shared-879cf5b26d50aa4817c567df46c08e03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8816 532 KB
129 KB 26ms
21ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 08:40:00 GMT
via: 1.1 varnish
age: 40562
x-cache: HIT
content-length: 131812
x-request-id: f21494fe-dc54-4d34-8587-9de29f16854c
x-served-by: cache-fra-etou8220068-FRA
last-modified: Tue, 07 Nov 2023 21:22:41 GMT
server: Fastly
etag: "b83bce60eeeced019da5db427249f07a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5270

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8816 12 KB
5 KB 30ms
26ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-776ea7e8cfad736af619f73414cf2123.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 08:40:00 GMT
via: 1.1 varnish
age: 2525670
x-cache: HIT
content-length: 4877
x-request-id: 4d77f195-eda7-4d5b-80ec-19bbee6e13a6
x-served-by: cache-fra-etou8220068-FRA
last-modified: Mon, 09 Oct 2023 20:07:19 GMT
server: Fastly
etag: "330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17798

POST
H2 200 csp-report
q.stripe.com/ Frame E9AE 0
716 B 177ms
173ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432800710003
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699432800709297
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3812 0
717 B 179ms
175ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432800718866
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699432800718146
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3812 0
717 B 181ms
177ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432800718781
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699432800718179
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B816 0
717 B 226ms
225ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432800800584
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699432800799985
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B816 0
717 B 304ms
303ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432800880802
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699432800879265
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 018F 0
717 B 302ms
301ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432800879765
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699432800879272
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 018F 0
717 B 307ms
307ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432800883974
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699432800883397
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8816 0
717 B 310ms
309ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432800889663
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699432800888750
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8816 0
717 B 312ms
312ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: hopeforukraine.net
URL: https://hopeforukraine.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432800889397
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699432800888764
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 status Show response
donate.hfu.org/sso/ Frame 17A0 90 B
1 KB 423ms
422ms XHR
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.hfu.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361013343058944999764_1699432800579&_=1699432800580

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76cfbfb2e405114c2aed2e8d1d87224a417c04ab4694d07ac92ad2dbbf64d064

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-5ccab7599541e78c----1699432800711
traceparent: 00-6dcc278feda98d11d1a0ae8f4dfcc800-5ccab7599541e78c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1Y2NhYjc1OTk1NDFlNzhjIiwidHIiOiI2ZGNjMjc4ZmVkYTk4ZDExZDFhMGFlOGY0ZGZjYzgwMCIsInRpIjoxNjk5NDMyODAwNzExfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://donate.hfu.org/give/493707/
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self' https://*.classy.org;
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache, private
cf-ray: 822c823c79a418f5-FRA
x-xss-protection: 1; mode=block

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E9AE 474 B
611 B 23ms
6ms Fetch
application/json 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9b618e1ecd2ecedd856240cc7a0aa6bff7b528e05f2788ba0114195ccb7efe74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 40
x-cache: HIT
content-length: 297
x-request-id: 02aad2e5-d282-448f-8126-dc4f11e1269d
x-served-by: cache-fra-etou8220041-FRA
last-modified: Tue, 07 Nov 2023 22:01:06 GMT
server: Fastly
etag: "a3831a1659489d23fe40b04c7ca1798d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 22

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E9AE 474 B
372 B 7ms
7ms Fetch
application/json 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9b618e1ecd2ecedd856240cc7a0aa6bff7b528e05f2788ba0114195ccb7efe74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-d9678bdd3bd53f13b263f8cb303c8ff6.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 08:40:00 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 40
x-cache: HIT
content-length: 297
x-request-id: c1f27ec6-cf99-48cb-9f74-7ec250321a3f
x-served-by: cache-fra-etou8220041-FRA
last-modified: Tue, 07 Nov 2023 22:01:06 GMT
server: Fastly
etag: "a3831a1659489d23fe40b04c7ca1798d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 2D3C 19 KB
8 KB 97ms
84ms Document
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f762348d80da3bda6cf60ba98ad3c03a749d55cfd24f733ba90f7ae2a232970

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-_l2SgS4cXwqI49ZJHG4S3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-_l2SgS4cXwqI49ZJHG4S3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 08 Nov 2023 08:40:01 GMT
expires: Wed, 08 Nov 2023 08:40:01 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 27F9 19 KB
8 KB 85ms
72ms Document
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8a16acb5a36a3acf682fc17d03230742b53591ac0547b0ed89078590c1fc6a1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-Z_uEb9RjijgRUH4OyBAriw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-Z_uEb9RjijgRUH4OyBAriw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 08 Nov 2023 08:40:01 GMT
expires: Wed, 08 Nov 2023 08:40:01 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 381ms
357ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259539
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801259313
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 371ms
349ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259285
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801259170
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 376ms
355ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259852
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699432801259235
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 377ms
357ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259715
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801259251
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 367ms
347ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259509
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699432801259135
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 373ms
353ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259825
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699432801259246
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 383ms
364ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259745
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1699432801259117
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 366ms
348ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259366
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801258987
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 367ms
350ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259189
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801258815
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 363ms
346ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259416
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699432801259030
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 368ms
352ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801258963
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801258472
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 369ms
354ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259146
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801258557
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 369ms
355ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259302
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801258782
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 359ms
359ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259632
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801259413
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 349ms
348ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259805
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699432801259361
access-control-allow-credentials: true
content-length: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame E9AE 2 KB
3 KB 421ms
278ms Fetch
application/json 52.49.17.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.49.17.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-17-168.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fe5ffe3c1680e0d2c7bae4672efc9c564cb779901ed43cb1deed6be84e55bed6

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 1962
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 355ms
355ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801259851
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699432801259450
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame EA25 156 B
667 B 180ms
180ms XHR
application/json 18.236.9.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.236.9.94 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-236-9-94.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b69a25dc199eefb0eaa6100867d9e4d238c58a33accddf2b260f1eeee707489b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 08 Nov 2023 08:40:01 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432801119460
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699432801119107
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame EA25 156 B
668 B 252ms
251ms XHR
application/json 18.236.9.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.236.9.94 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-236-9-94.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b69a25dc199eefb0eaa6100867d9e4d238c58a33accddf2b260f1eeee707489b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 08 Nov 2023 08:40:01 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432801169227
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699432801168827
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 27F9 158 KB
57 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgNeqzrme4kB4D-PxBF9Q-VpChabw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5008c4e8cacb4a9e632cb1b6ed9788a7cfa8a92b95748b82f42c47073ef737f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57374
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 07:52:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:15:27 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 27F9 2 KB
2 KB 126ms
126ms Other
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: hopeforukraine.net
URL: https://hopeforukraine.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 2D3C 158 KB
56 KB 27ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5008c4e8cacb4a9e632cb1b6ed9788a7cfa8a92b95748b82f42c47073ef737f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57374
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 07:52:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:15:27 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 2D3C 2 KB
2 KB 119ms
119ms Other
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: hopeforukraine.net
URL: https://hopeforukraine.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc... Frame 27F9 73 KB
27 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrig3K_14WSD3T9SaACgaEyKbS8vyg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgNeqzrme4kB4D-PxBF9Q-VpChabw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c299735b69072e8281758f08645f82b2ea377aeabee7a9cf13df9449cf783a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27281
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:38:05 GMT

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc... Frame 2D3C 73 KB
27 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c299735b69072e8281758f08645f82b2ea377aeabee7a9cf13df9449cf783a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27281
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:38:05 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 27F9 1 MB
374 KB 74ms
74ms XHR
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3dad635529dfcd294cb13253c86a1fdab2b520e4564cd18d720420dc2aef701

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ewSSni2--pYWiMPvVFxF_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ewSSni2--pYWiMPvVFxF_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 08 Nov 2023 08:40:01 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc... Frame 27F9 9 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrig3K_14WSD3T9SaACgaEyKbS8vyg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67296cd59935f73c50eb68ad73d75715c3429cafc055d5667fdf794be4e52bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3729
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:38:05 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc... Frame 27F9 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrig3K_14WSD3T9SaACgaEyKbS8vyg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa4b813063702203bd07d9566b1c5543042636fd8a758ff742e5bbc963fda02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14044
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:38:05 GMT

POST
H3 200 log Show response
play.google.com/ Frame 27F9 131 B
155 B 81ms
57ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 08:40:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 39ms
14ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 08:40:01 GMT
expires: Wed, 08 Nov 2023 08:40:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 27F9 131 B
155 B 74ms
57ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 08:40:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 39ms
16ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 08:40:01 GMT
expires: Wed, 08 Nov 2023 08:40:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 27F9 131 B
155 B 77ms
60ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 08:40:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
16ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 08:40:01 GMT
expires: Wed, 08 Nov 2023 08:40:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 27F9 131 B
155 B 75ms
59ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 08:40:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 28ms
17ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 08:40:01 GMT
expires: Wed, 08 Nov 2023 08:40:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 27F9 131 B
155 B 76ms
60ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 08:40:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 26ms
17ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 08:40:01 GMT
expires: Wed, 08 Nov 2023 08:40:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 2D3C 1 MB
374 KB 79ms
78ms XHR
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23249db11adcff1366b4869016836054768f2dc2f601ea5b3f1086916db1d842

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mZYhLJkOClEDyjafMhxz5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mZYhLJkOClEDyjafMhxz5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 08 Nov 2023 08:40:01 GMT

POST
H3 200 log Show response
play.google.com/ Frame 27F9 131 B
155 B 76ms
60ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 08:40:01 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 176ms
176ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801490064
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801489760
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 174ms
174ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801490908
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699432801490801
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 15ms
15ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 08:40:01 GMT
expires: Wed, 08 Nov 2023 08:40:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc... Frame 2D3C 9 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrig3K_14WSD3T9SaACgaEyKbS8vyg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67296cd59935f73c50eb68ad73d75715c3429cafc055d5667fdf794be4e52bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3729
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:38:05 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc... Frame 2D3C 37 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.GuALPsHmTN8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.VLGlxc_oO2k.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrig3K_14WSD3T9SaACgaEyKbS8vyg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa4b813063702203bd07d9566b1c5543042636fd8a758ff742e5bbc963fda02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14044
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 15:41:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 20:38:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 16ms
13ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 08:40:01 GMT
expires: Wed, 08 Nov 2023 08:40:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2D3C 131 B
155 B 51ms
50ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 08:40:01 GMT

POST
H3 200 log Show response
play.google.com/ Frame 2D3C 131 B
155 B 53ms
52ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 08:40:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 16ms
15ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 08:40:01 GMT
expires: Wed, 08 Nov 2023 08:40:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2D3C 131 B
155 B 46ms
45ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 08:40:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 18ms
17ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 08:40:01 GMT
expires: Wed, 08 Nov 2023 08:40:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2D3C 131 B
155 B 46ms
46ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 08:40:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 15ms
14ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 08:40:01 GMT
expires: Wed, 08 Nov 2023 08:40:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2D3C 131 B
155 B 45ms
44ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 08:40:01 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 15ms
14ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 08:40:01 GMT
expires: Wed, 08 Nov 2023 08:40:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2D3C 131 B
155 B 47ms
47ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Nov 2023 08:40:01 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 14ms
14ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 08 Nov 2023 08:40:01 GMT
expires: Wed, 08 Nov 2023 08:40:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 177ms
174ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801536764
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699432801536550
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 176ms
175ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801536944
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801536642
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 176ms
175ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801537531
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801537375
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 300ms
300ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801661524
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801661014
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 294ms
294ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801665331
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1699432801664870
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 291ms
291ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801665544
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801664889
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 335ms
334ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801709399
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801708593
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 331ms
331ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801708439
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699432801707828
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 331ms
331ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801709108
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699432801707854
access-control-allow-credentials: true
content-length: 0

GET
H2 200 GooglePay-logo.svg
donate.hfu.org/static/global/images/digitalWallets/ Frame 17A0 3 KB
1 KB 54ms
53ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.hfu.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/give/493707/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 01:03:42 GMT
server: cloudflare
age: 172689
etag: W/"654446ee-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 822c8241381c18f5-FRA
expires: Tue, 05 Nov 2024 08:41:52 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame E9AE 0
274 B 322ms
322ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-879cf5b26d50aa4817c567df46c08e03.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 08 Nov 2023 08:40:01 GMT
x-stripe-server-envoy-start-time-us: 1699432801709178
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699432801708324
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame EA25 156 B
668 B 179ms
179ms XHR
application/json 18.236.9.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.236.9.94 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-236-9-94.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b69a25dc199eefb0eaa6100867d9e4d238c58a33accddf2b260f1eeee707489b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 08 Nov 2023 08:40:03 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699432803812410
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699432803811747
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 17A0 295 B
368 B 8ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.hfu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 08:40:05 GMT
via: 1.1 varnish
age: 31062890
x-cache: HIT
content-length: 209
x-request-id: b8da961e-b733-49dd-93fb-98996e4df7b3
x-served-by: cache-fra-etou8220068-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 28669

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: donate.hfu.org
URL: https://donate.hfu.org/frs-api/campaign/493707/transaction-estimates?amex=false&currency=USD&fot=false&international=false&payment_method=DW&processor_name=STRIPE

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.classy.org/	1970-01-20 16:03:54	Name: __cf_bm Value: .L69gVOpiqNHugeCEHAcg9i7HV7O8dmChNRquQw0aFU-1699432796-0-AV2VW8dRKKnCPjEa63TF+I7upwTCKCcnmTGX6qv+OOYOB3cZldRWS5tG6zQPMDaEmzLBUSn6H2UMz0Oi98pRK5k=
.classy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: yrm0cef1tMAPAkBExf8wDqcQqalB03cT8lt3P7OCUQI-1699432796529-0-604800000
.hopeforukraine.net/	1970-01-21 01:39:52	Name: _ga_N5H5TSC4YY Value: GS1.1.1699432796.1.0.1699432796.60.0.0
.hopeforukraine.net/	1970-01-21 01:39:52	Name: _ga Value: GA1.1.2061562561.1699432797
hopeforukraine.net/	1970-01-20 16:03:56	Name: alli-disabled Value: site_6ETHS8LJDCvupNyA
.donate.hfu.org/	1970-01-20 16:03:54	Name: __cf_bm Value: xHMtp83aqC3CdqtMiMnBnubDL4g2fhlLCoe7U51M.j0-1699432797-0-AdUxy9x3pSKoS1duFDOilmLQeiYq4nC0FSd8EhMVeaqXsxVW+yqRynG5mjHC+nFlXacKEzri4ev+G14ZLw/FuOU=
.donate.hfu.org/	1969-12-31 23:59:59	Name: __cfruid Value: 22aaad95953749dbcf088176dea1985efcb9546e-1699432797
.donate.hfu.org/	1969-12-31 23:59:59	Name: _cfuvid Value: ByIYIasrh7fyCjWLNDbbnxoXXksUxytxLTLpR37Hb4E-1699432797819-0-604800000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: XJ-5yH7HraM
.youtube.com/	1970-01-20 20:23:04	Name: VISITOR_INFO1_LIVE Value: ZmsC0yyhjwI
.google.com/	1970-01-20 20:27:24	Name: NID Value: 511=XHWAAkBigJqHkofSMNKCQPiDv_ZkKsEZZtw-0804zRrVzXg_8o2_emwU6dk8dpeUP2E_582VUpEFzADiy6shPU5lfbA342EdAs1RR4RBCyUIysRBvCUHjT5hvRLqotofW82oqywRCc4myEQ2-tnO_xBPaHXChGr9LkP5cbClO_8
m.stripe.com/	1970-01-21 01:39:52	Name: m Value: c65147c4-97a8-4125-859e-08d639adcd9b75c018
donate.hfu.org/	1970-01-20 16:03:53	Name: XSRF-TOKEN Value: eyJpdiI6IkEvQXIydDFlSDhGVzI1VmNYTkszbVE9PSIsInZhbHVlIjoiOEtLbmVJR1dLWTVFSmRraitxSGo1T25LZ2h3cE1nU053U0U1MndYOG03S0FPM2dNVkwzeXErR0lQLy9LYjdsd3prbWg0QklrOWh3WXM0emN5cWhGZXRtRHBCRzJEeER4QlNpaUJZVHNaTTZqS0JRQnBUeE9qK0h0eENOSTdnKysiLCJtYWMiOiI5YTI2N2FiZjdiYzZhYjI1NjBiODcwNjk2NWJhNmMxODViZTk3NTM1OTM5ZDliN2M2NjdmNzYwMjkyOTk4YmRmIiwidGFnIjoiIn0%3D
donate.hfu.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6ImRuRW9ZckdCbSsvZ2VMMldnM3dnNkE9PSIsInZhbHVlIjoicU5TZ3Y2Y2RsVTNLcVFXZithdkQ3OEtaNC9Wa0NIV1h3R2E4MTgvQ1RsNmZDNXNYUEJZclBMYlRKRlpQYVU1cXE2OGFtZTlydjFOMDQyQi9LVkErNnV1WmtYY3p5WUJqUHNaMWFENTEyU0FRNkcrT3JhbGxoN0RqRlpSYU1zRmIiLCJtYWMiOiJiNmYxNDMyMzUyZmU3YWM0ZDZlZGNkZGY0MTgzYzc1ZjNjNzMyNzE2YmM0YTRhNDAyNWEzN2MwYzk4MDBmMTliIiwidGFnIjoiIn0%3D

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d2azal32wgllwk.cloudfront.net/api/v3/widget/site_6ETHS8LJDCvupNyA/recommendations?l=en-US&p=%2F&h=hopeforukraine.net Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://d2azal32wgllwk.cloudfront.net/api/v3/widget/site_6ETHS8LJDCvupNyA/customizations?l=en-US&p=%2F&h=hopeforukraine.net Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://files.doublethedonation.com/fontello/css/fontello.css Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.plaid.com
cdn.transcend.io
code.jquery.com
d2azal32wgllwk.cloudfront.net
donate.hfu.org
files.doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
hopeforukraine.net
htp.tokenex.com
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
pay.classy.org
pay.google.com
play.google.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
r20.rs6.net
region1.analytics.google.com
scontent-ord5-1.xx.fbcdn.net
scontent-ord5-2.xx.fbcdn.net
sdk.classy.org
static.alliai.com
static.cloudflareinsights.com
stats.g.doubleclick.net
unpkg.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
donate.hfu.org
13.32.121.61
151.101.0.176
151.101.130.159
18.236.9.94
2001:4860:4802:32::36
208.75.122.11
2600:9000:206f:b200:19:7d10:bd80:93a1
2600:9000:2156:5600:17:a0f4:8900:93a1
2600:9000:2156:7800:17:a0f4:8900:93a1
2600:9000:2250:a200:2:8531:afc0:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:3865
2606:4700::6810:7caf
2606:4700::6812:7c49
2606:4700::6812:c55f
2a00:1450:4001:801::200a
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:400c:c06::9a
2a00:1450:400c:c0c::5c
2a03:2880:f082:108:face:b00c:0:3
2a03:2880:f082:9:face:b00c:0:3
2a04:4e42:600::649
52.143.247.24
52.49.17.168
54.187.119.242
011e0598351f5d1b6cb691d11b5b34d2006635bb073742eb4d539fb9a131a126
0524593c51d313589e0e8e8a8b069c1c7ecc5dc94a2c59dd2809b0e326d407f8
0b02607b9dd0dba9c364d599865d471fcd6ed72245636e4e397455034c5c15bf
0d64dc82bb3f3165d9ffe954b8a85f64a01d53c4b05dbaa3f417d908ab32bcea
0de2cb4c9ce1677fba9438fca34d6b47936aed59f13069495765343e859578cc
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
0edf8bc8c6df3c99cc8b025fe674ca0cf1f515459ea160d4a39942bb80988f48
124999106b36b91138193de6ae365bc2e97ec51e122e2f967318ce3d662b561b
156a11f88a1b53dfc45534f270a969fb491c9a3dc75ab8ec2e5313628c6fcfbb
18077e40e233fcda47ac0394fa97e56320f3a2525e809d6091960e58d3d5c6d6
18956d2f9cb5d2e24a34b58e390cd121dfb8d650507a1d1ca30d5ad5e3bb9be9
19157679ec7e442a249cbaac32b4a820f2e0d2684d7b92198b37c627c5bc1fcc
1aa4b813063702203bd07d9566b1c5543042636fd8a758ff742e5bbc963fda02
1b848a355be593aa78a3fc3cee64c4c4cc12d8f352852ddd493297843c2d7317
1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a
1f7a0f7e2730fce65d1b799027925845d9e94dce9b98ba1457bfa89c10c58239
2045bc5941115716a431db7f5f3ff4f7a42beb9b3ba0f1bbf2ad97cb79402a46
23249db11adcff1366b4869016836054768f2dc2f601ea5b3f1086916db1d842
254a4f72d93d5ee58581a41bf216a4fa457e8d4f7ba157c259f5b0065c8919c5
256974bedf14c545cdddd9d170ac6bf3f44b191d7540f8851d2520e1c06a8ab2
2657f3f6c74ac3abb29bb0f1dbf51aabe85d184b20a8c05686bcb65ce4548699
2665ff8dd613b62af6d60c79e90069e3739b39e050f953fac88e46183d51d747
27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb
298d4cdac7aa50184fc7d656941ad96f1b0d51774cff34f136b052c6b0c484df
29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
2df7717098dffdf4ae5519962173934ea68e8ffd2fbeaa873cdd6aad1e4b044b
313e3f1e7602532f60ff66976093b05e8372eabcffee2df0814c237b9991d7d3
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458
38fb913bc8a440947a0a4605ceac8b470899ade135151adefe63efa150810ea8
3d91d7fd9c0611ab9052a2124103f31709e6ac6609b159669d315c5f0fe16604
44e842f7b56ac462791836c8466beeeeaa5f8152b1e007961e03248eada57809
4548051fbc85d7fbd530d50bf75841dbda88874d98ca2c405cd96813b35a816d
4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13
4f303f5ed05445716b9964c24ec7d8a6c54fa09ca78fe53fbe8498d42f463242
5013720a1091644b368a9265d4c42b174b4536b40bf423f95ffc38f8ad1fe1a9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5129ab47678b1765e73bc14eea7f6cec850945b77fa05913f24dd68707b5a19d
517a3e0fd53a4a6937d02cce1c46da382aaacc9de1fc3af12299de23c1292ce4
528f7e41c2da033c5cab9bb987e039b15dee710505f1fba2e29edddeeb67889f
5473797ba4b9f35c06bfdbf413a3a67e0c755106b5ddc7a5d4fc7e62201bed45
54752ed0fd548a707fa5520643628167ba2cb0be849d4814b2d95323b22e987e
562bff14127278617e08711be778a9ffc5f81c9f9063c706bbf4c177dcf89639
5674b0a11a287377a390c9a6c3c2946b3304596cb4fd10a63f5203a3a85f8a31
586ac836f00f910cda0fd9010624d92748bf7953ab08ef0a0a386125d835f504
58945e8e2ab81a931628dcdcae84f5b18515d7ec6a39893ac15aa5ff6c75430a
5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a
5adf71ca20f034800a28eb5298a96d4a83ce618eebce2c8c771fa1243cf92dab
60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5
6148663b0d10be6491f0293a8a093676acbd5fd25a0e6812012310a9c5e44d26
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
645a421f4db3cc14c8cb2fb6fa400aec5c5bbede092beaadaf64b286e77df763
65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf
66739acaaa4a97f905fa0dbc1f9c79ae864e74f800856ae12b3988debfa986fd
67296cd59935f73c50eb68ad73d75715c3429cafc055d5667fdf794be4e52bf2
67e077693182152afa2b74d45e49181a85e949dd42b6e54401b6783da67353c9
750c6368891bf21f8f1df12b5d8cdf78827b1486df20072f037b421d060164c0
7592fb11a7a8490437637c12d7fa47825ab0115fb16db57e3c251f3d3f29a553
76cfbfb2e405114c2aed2e8d1d87224a417c04ab4694d07ac92ad2dbbf64d064
774b48c6351d29f1f17dfb52d755cc3d2f498e810884dc1f0a61a2b91da267fe
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
7f4b6299dc6c621c3d2ce58c7fff0a64b8489168a8ad46916caed6e35ae90b78
7f762348d80da3bda6cf60ba98ad3c03a749d55cfd24f733ba90f7ae2a232970
7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b
7fa5416dc406fd24291a3d215e542de9cc3ebdd9412495b61a2a1767666c1a74
81e2c91b84062e51f235edfb4abbd202aed18a7c1e5194d8f496c1153f0f797b
821f3475222aa7c8f2e0914d5d12f95c45058493234d841885eff39cf52f5135
833cd2dd1b7dd85e20ad7f0446fa0d0946e52653b3df29299d59313fb0fbadc4
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7
8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37
89d56600b6b44f23f105a13a8869c6af02b8d9d1ac054c3f9b93df589d66453c
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
8b6cf88f2f321c9e8a0d42eb2129dddfff0dd2087a19ab1ec539726104887194
8ca59ea276635e06f4153a8979c26329c234dcc44673066902f6971ecdefc758
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8f289061ed2fb91aa5a6286281040348271e1c70126d7035a6697a737d3e1330
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9669a10126dc3af0dfb585a7d1f1359638262289968aa7c202ad70de3371f073
984530ba11d53aa12d9a0a6ccd643c77daf7256ad10e9b10d3f1f30dff987799
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b618e1ecd2ecedd856240cc7a0aa6bff7b528e05f2788ba0114195ccb7efe74
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a40d09e926b4938f9485827ae2bf901f6e3500c35dd7b35524d50bb8d03cb08f
a479ab353988ec7c3893bbc5f3307f8b02d041f779c838e2e31de65c6e9c7657
a5008c4e8cacb4a9e632cb1b6ed9788a7cfa8a92b95748b82f42c47073ef737f
a5ce7a71419f2f0899cb2e490adc48b0f3e37e76106dc3b9ff4d337f3c692493
a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f
ab2f0ecefec4b6679dda1810fc08c8e1f8f930436753344f20b55928230a963b
abb57d182b4b288df0e2e1ef6e92b3ddf726da91527e3bb89b4e41ac44bb8d8c
ad579d3c56c575ce438555fdbd2ed292af51f652603858b64ce44cf29785f79a
ae993ca5c332448005cc238bbdc9004570dc0cb2a9ad3dceacac76ce07f6cf2f
af3d716fd80fdee9a734dc9a3b2593245a08929fe7b5f42884eaacc651fe6f35
b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293
b5555288a111534a08c47cb4de54eb1ec422307b46947af8f2485b3a31059e80
b69a25dc199eefb0eaa6100867d9e4d238c58a33accddf2b260f1eeee707489b
b7506a0dcc5d09bb34ed909bfcb4be7b39f42efd71ebd596cce3961354ed3868
b9bc5f17fc9fd6d7738b6f83e456a2e916bc1739871475eda467f74c5b06f732
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440
be64d12aac81891963fffd4237a244b3118d60d7fdbbe6b64a336f4abe80a374
c299735b69072e8281758f08645f82b2ea377aeabee7a9cf13df9449cf783a38
c6be8751464dda80ff293b70e6fc28ce5d5d1626f3d0441905ee739faa5c3ece
c7507ad2027c552f3600db1fed77807298337de407710ebb6b75dd42797f0415
c8a16acb5a36a3acf682fc17d03230742b53591ac0547b0ed89078590c1fc6a1
c9784a0bbe8067a8166fb722480f242abbcec13f47fe05b4c4210a16956cc2bc
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf1167ec51b7ba5a42d08ba7b608c1e2cb768c709a0c3a1ee82ebb7e1d3321d1
d3370236f18fca7f9fa5bc479f0ee0dec3cdaf3c053a123bf6616749e809b828
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d90a61bf6c040f9d1f54c1257e93a7cef6a0e4efbc9bd4be52a1af9540303dcf
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
dcefd91a12702679adbfdf75484d16a56ce3e07c6a2413f3319230fb22fab4af
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dad635529dfcd294cb13253c86a1fdab2b520e4564cd18d720420dc2aef701
e6b9ef6b57f250447e16fb2d01ceedc5ce4b76f8effc57c20bdd425b75ccba0e
e91b7b95b9388a66e42801b2fd88496a28b0e388f26988cc05bef0c3b692b88c
e973184fdfd8d34a092c8372b01b5a26eba02a08a1027bdc4faac414c93d59bc
ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
eeeb890f307f0103391d7f1d5c2c5105b7dff058878f46c46960e552f94a2158
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f6d7438de300079d07689045748764946c8136ce94b800639da0ed082a159e75
f991cd8cd7d8f49d13e73750bb8c388a91a352b8973c7b4e4d48f103753fb6f4
fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e
fd647d8ae1ca393a52b8a8e06afac09b2e8221cce3c4b89a8ebff978b3725b5d
fe5ffe3c1680e0d2c7bae4672efc9c564cb779901ed43cb1deed6be84e55bed6
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

hopeforukraine.net Open in urlscan Pro 151.101.130.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

227 Requests

100 %HTTPS

72 %IPv6

23 Domains

33 Subdomains

29 IPs

4 Countries

7528 kBTransfer

20640 kBSize

14 Cookies

45 Outgoing links

Page URL History

Redirected requests

227 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hopeforukraine.net Open in urlscan Pro
151.101.130.159 Public Scan

Screenshot
Live screenshot

Full Image

227
Requests

100 %
HTTPS

72 %
IPv6

23
Domains

33
Subdomains

29
IPs

4
Countries

7528 kB
Transfer

20640 kB
Size

14
Cookies

227 HTTP transactions
2 data transactions