empower.goodwillindy.org Open in urlscan Pro
2606:4700::6812:c55f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.goodwillindy.org/e3t/Ctc/GA+113/cfBRm04/VWbGk02_T6SdW5L2tMH6v6HzLW5DT7xy53MhsNN7KkK223qgyTW7Y8-PT6lZ3p0W5w8VZ53xT...
Effective URL:
https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ...
Submission: On September 22 via api (September 22nd 2023, 4:32:32 pm UTC) from US — Scanned from DE

Summary HTTP 118 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 14 domains to perform 118 HTTP transactions. The main IP is 2606:4700::6812:c55f, located in United States and belongs to CLOUDFLARENET, US. The main domain is empower.goodwillindy.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.

This is the only time empower.goodwillindy.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:6702	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
15	2606:4700::68... 2606:4700::6812:c55f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700::68... 2606:4700::6812:7c49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:26d... 2600:9000:26da:7200:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.239.18.96 18.239.18.96	16509 (AMAZON-02) (AMAZON-02)
13	13.225.34.96 13.225.34.96	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
29	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:9a00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	52.10.94.213 52.10.94.213	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c07::5c	15169 (GOOGLE) (GOOGLE)
1	18.202.131.124 18.202.131.124	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
118	21

2 2606:2c40::c73c:6702 (None, ) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.goodwillindy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:c55f (United States)

ASN13335 (CLOUDFLARENET, US)

empower.goodwillindy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:7c49 (United States)

ASN13335 (CLOUDFLARENET, US)

prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:26da:7200:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.18.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-96.ams58.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.225.34.96 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-34-96.cdg3.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (Ascension Island)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:9a00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.10.94.213 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-94-213.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.131.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-131-124.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	stripe.com js.stripe.com — Cisco Umbrella Rank: 2793 q.stripe.com — Cisco Umbrella Rank: 24792 m.stripe.com — Cisco Umbrella Rank: 2449 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 13791 r.stripe.com — Cisco Umbrella Rank: 8828	628 KB
17	goodwillindy.org 1 redirects info.goodwillindy.org empower.goodwillindy.org	64 KB
16	google.com pay.google.com — Cisco Umbrella Rank: 3915 play.google.com — Cisco Umbrella Rank: 85	415 KB
15	classy.org prod-frs.content.classy.org — Cisco Umbrella Rank: 114876 pay.classy.org — Cisco Umbrella Rank: 129163 assets.classy.org — Cisco Umbrella Rank: 142564	1 MB
11	gstatic.com fonts.gstatic.com www.gstatic.com	311 KB
4	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 7186	124 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2971	18 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 80	67 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1243	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	1 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 29632	43 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1425	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 56936	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1476	7 KB
118	14

	Domain	Requested by
21	r.stripe.com	js.stripe.com
15	empower.goodwillindy.org	info.goodwillindy.org empower.goodwillindy.org cdn.transcend.io
13	js.stripe.com	cdn.transcend.io js.stripe.com
12	play.google.com	www.gstatic.com
11	prod-frs.content.classy.org	empower.goodwillindy.org cdn.transcend.io prod-frs.content.classy.org
8	q.stripe.com	info.goodwillindy.org
7	fonts.gstatic.com	fonts.googleapis.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	js.stripe.com pay.google.com info.goodwillindy.org www.gstatic.com
4	cdn.transcend.io	empower.goodwillindy.org cdn.transcend.io
3	m.stripe.com	m.stripe.network
2	m.stripe.network	js.stripe.com m.stripe.network
2	assets.classy.org
2	pay.classy.org	cdn.transcend.io
2	www.youtube.com	cdn.transcend.io
2	info.goodwillindy.org	1 redirects
1	merchant-ui-api.stripe.com	js.stripe.com
1	code.jquery.com	cdn.transcend.io
1	fonts.googleapis.com	cdn.transcend.io
1	cdn.plaid.com	cdn.transcend.io
1	unpkg.com	cdn.transcend.io
1	htp.tokenex.com	cdn.transcend.io
1	static.cloudflareinsights.com	empower.goodwillindy.org
118	23

This site contains links to these domains. Also see Links.

Domain
www.classy.org

Subject Issuer	Validity	Valid
info.goodwillindy.org GTS CA 1P5	`2023-09-22` - `2023-12-21`	3 months	crt.sh
empower.goodwillindy.org Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-26`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2023-02-08` - `2024-01-12`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-07-31` - `2023-11-30`	4 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-08-01` - `2023-11-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-31` - `2023-10-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email
Frame ID: 8D7E028B07AEF2BD4853C533B652A095
Requests: 52 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 4AC3FE423169493F324A0E03BF55D050
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E26D2048D73CCAA034C3E14014D82AD0
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
Frame ID: A2E52338DCEEEC04A427513385BF1339
Requests: 27 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html
Frame ID: 59D085FE52BB9FE5BE2885BB64F1C71F
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-80846e8472702b473a692422b9cb8fc1.html
Frame ID: 4CF2B340A1097A6F121717C892709055
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: C46181B28859D630E33015521F838AF7
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to Goodwill of Central & Southern Indiana

Page URL History Show full URLs

https://info.goodwillindy.org/e3t/Ctc/GA+113/cfBRm04/VWbGk02_T6SdW5L2tMH6v6HzLW5DT7xy53MhsNN7KkK223qgyTW7Y... Page URL
https://info.goodwillindy.org/events/public/v1/encoded/track/tc/GA+113/cfBRm04/VWbGk02_T6SdW5L2tMH6v6HzLW5... HTTP 307
https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_h... Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

100 %
HTTPS

70 %
IPv6

14
Domains

23
Subdomains

21
IPs

6
Countries

2835 kB
Transfer

10279 kB
Size

17
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.classy.org/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/cookies/
Title: Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/copyright/
Title: DMCA Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.goodwillindy.org/e3t/Ctc/GA+113/cfBRm04/VWbGk02_T6SdW5L2tMH6v6HzLW5DT7xy53MhsNN7KkK223qgyTW7Y8-PT6lZ3p0W5w8VZ53xTXxTW3GLvV36QGZvYW59k_yN6Ljm-JN3QtPR-zV5RmVmB4K_6w3l4RW3Bzp19274TWSVzVbdz1pCZl3W5b6xCH2ttK6SW19NpnC7XSyTFVNjl051Lfxb7W24vpZP5RHt2bN3rXrxwd3z8QW38zn6h3gw8RNW4TZb5M37p5PDVrdm_P1FRbgVW4LvfTl8sC-P3W1z6CJd4LJrHDW2d4QGb6Dcq8TW87v8tq76YJfLW5x_WLD6vGjmWW5x9Pvv4-bdpVW8DvD3L4xRwfkW8MLn9l2phx4ZW9cHVyv3gPqRDW3qTYCF2DY4CgW2cg8sC2vfjrYf1fYLrb04 Page URL
https://info.goodwillindy.org/events/public/v1/encoded/track/tc/GA+113/cfBRm04/VWbGk02_T6SdW5L2tMH6v6HzLW5DT7xy53MhsNN7KkK223qgyTW7Y8-PT6lZ3p0W5w8VZ53xTXxTW3GLvV36QGZvYW59k_yN6Ljm-JN3QtPR-zV5RmVmB4K_6w3l4RW3Bzp19274TWSVzVbdz1pCZl3W5b6xCH2ttK6SW19NpnC7XSyTFVNjl051Lfxb7W24vpZP5RHt2bN3rXrxwd3z8QW38zn6h3gw8RNW4TZb5M37p5PDVrdm_P1FRbgVW4LvfTl8sC-P3W1z6CJd4LJrHDW2d4QGb6Dcq8TW87v8tq76YJfLW5x_WLD6vGjmWW5x9Pvv4-bdpVW8DvD3L4xRwfkW8MLn9l2phx4ZW9cHVyv3gPqRDW3qTYCF2DY4CgW2cg8sC2vfjrYf1fYLrb04?_ud=093ef683-6887-4697-adff-a9b6c1797ac0&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

118 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWbGk02_T6SdW5L2tMH6v6HzLW5DT7xy53MhsNN7KkK223qgyTW7Y8-PT6lZ3p0W5w8VZ53xTXxTW3GLvV36QGZvYW59k_yN6Ljm-JN3QtPR-zV5RmVmB4K_6w3l4RW3Bzp19274TWSVzVbdz1pCZl3W5b6xCH2ttK6SW19NpnC7XSyTFVNjl051Lfxb7W24vpZP5...
info.goodwillindy.org/e3t/Ctc/GA+113/cfBRm04/ 8 KB
4 KB 460ms
198ms Document
text/html 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://info.goodwillindy.org/e3t/Ctc/GA+113/cfBRm04/VWbGk02_T6SdW5L2tMH6v6HzLW5DT7xy53MhsNN7KkK223qgyTW7Y8-PT6lZ3p0W5w8VZ53xTXxTW3GLvV36QGZvYW59k_yN6Ljm-JN3QtPR-zV5RmVmB4K_6w3l4RW3Bzp19274TWSVzVbdz1pCZl3W5b6xCH2ttK6SW19NpnC7XSyTFVNjl051Lfxb7W24vpZP5RHt2bN3rXrxwd3z8QW38zn6h3gw8RNW4TZb5M37p5PDVrdm_P1FRbgVW4LvfTl8sC-P3W1z6CJd4LJrHDW2d4QGb6Dcq8TW87v8tq76YJfLW5x_WLD6vGjmWW5x9Pvv4-bdpVW8DvD3L4xRwfkW8MLn9l2phx4ZW9cHVyv3gPqRDW3qTYCF2DY4CgW2cg8sC2vfjrYf1fYLrb04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:6702 -, , ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 80abf1920d75994a-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Fri, 22 Sep 2023 16:32:23 GMT
last-modified: Fri, 22 Sep 2023 16:32:23 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZOuKdbmMRZSYcSeljw6jt44e63Z3xGUdrNM5ywyolJKLz%2BApBvcVG7%2BYqZ66iqpb82g9ZlfatfTqiu4cTpoit6MqtjLkpZAsF0blzsXnhNhzcSJ534wJbz7rEVdMeXP3GOVJEGoawQFejgm5nzWRkTdMw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 41
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-5cd547747b-dntpn
x-evy-trace-virtual-host: all
x-hs-https-only: worker
x-hubspot-correlation-id: 5d91e359-5a45-48e4-8554-52af682f0b27
x-request-id: 5d91e359-5a45-48e4-8554-52af682f0b27
x-robots-tag: none

GET
H2

200

Primary Request / Show response
empower.goodwillindy.org/give/459907/
Redirect Chain

https://info.goodwillindy.org/events/public/v1/encoded/track/tc/GA+113/cfBRm04/VWbGk02_T6SdW5L2tMH6v6HzLW5DT7xy53MhsNN7KkK223qgyTW7Y8-PT6lZ3p0W5w8VZ53xTXxTW3GLvV36QGZvYW59k_yN6Ljm-JN3QtPR-zV5RmVmB4...
https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9...

99 KB
30 KB

927ms
869ms

Document
text/html

2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email

Requested by

Host: info.goodwillindy.org
URL: https://info.goodwillindy.org/e3t/Ctc/GA+113/cfBRm04/VWbGk02_T6SdW5L2tMH6v6HzLW5DT7xy53MhsNN7KkK223qgyTW7Y8-PT6lZ3p0W5w8VZ53xTXxTW3GLvV36QGZvYW59k_yN6Ljm-JN3QtPR-zV5RmVmB4K_6w3l4RW3Bzp19274TWSVzVbdz1pCZl3W5b6xCH2ttK6SW19NpnC7XSyTFVNjl051Lfxb7W24vpZP5RHt2bN3rXrxwd3z8QW38zn6h3gw8RNW4TZb5M37p5PDVrdm_P1FRbgVW4LvfTl8sC-P3W1z6CJd4LJrHDW2d4QGb6Dcq8TW87v8tq76YJfLW5x_WLD6vGjmWW5x9Pvv4-bdpVW8DvD3L4xRwfkW8MLn9l2phx4ZW9cHVyv3gPqRDW3qTYCF2DY4CgW2cg8sC2vfjrYf1fYLrb04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

041e6d1eec94a570ebbdec65068ac14ee5c52aff89fc91d6fe4bd7d2b0d03ece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.goodwillindy.org https://www.goodwillindy.org/donatenow;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://info.goodwillindy.org/e3t/Ctc/GA+113/cfBRm04/VWbGk02_T6SdW5L2tMH6v6HzLW5DT7xy53MhsNN7KkK223qgyTW7Y8-PT6lZ3p0W5w8VZ53xTXxTW3GLvV36QGZvYW59k_yN6Ljm-JN3QtPR-zV5RmVmB4K_6w3l4RW3Bzp19274TWSVzVbdz1pCZl3W5b6xCH2ttK6SW19NpnC7XSyTFVNjl051Lfxb7W24vpZP5RHt2bN3rXrxwd3z8QW38zn6h3gw8RNW4TZb5M37p5PDVrdm_P1FRbgVW4LvfTl8sC-P3W1z6CJd4LJrHDW2d4QGb6Dcq8TW87v8tq76YJfLW5x_WLD6vGjmWW5x9Pvv4-bdpVW8DvD3L4xRwfkW8MLn9l2phx4ZW9cHVyv3gPqRDW3qTYCF2DY4CgW2cg8sC2vfjrYf1fYLrb04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 80abf1954895bb5c-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://www.goodwillindy.org https://www.goodwillindy.org/donatenow;
content-type: text/html; charset=utf-8
date: Fri, 22 Sep 2023 16:32:24 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 80abf1937f22994a-FRA
content-security-policy: upgrade-insecure-requests
date: Fri, 22 Sep 2023 16:32:23 GMT
link: <https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email#!/donation/checkout>; rel="canonical"
location: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email#!/donation/checkout
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StWJbZBvNBCp7N29j43INZU65x40Lm8e2ubOAuWfliaapb3y7y1NooWCQW0%2Fm57qyT2XP54evz26Adk9ZDLLgJpWOjc37Ouc8VcvvM3HcsnuYn%2FOsEKoKojbSaLXW6Raa3xY4FO4xsqbloCEpkqO1401xA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 70
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-5cd547747b-tk92t
x-evy-trace-virtual-host: all
x-hs-https-only: worker
x-hubspot-correlation-id: 2e6b4026-a8fc-4aa1-982d-c97c3174f011
x-request-id: 2e6b4026-a8fc-4aa1-982d-c97c3174f011
x-robots-tag: none

GET
H2 200 main.css
prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/frs/ 1 MB
143 KB 92ms
39ms Stylesheet
text/css 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/frs/main.css

Requested by

Host: empower.goodwillindy.org
URL: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53626236df04709fd3b8c777649d13b118a933fe92249fe2f574b9faadb9f9ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: XYNDYRW4JZPA78VT
age: 60555
cf-polished: origSize=1130287
x-amz-server-side-encryption: AES256
x-amz-id-2: A09q9D2pKC31ygz+AWcs+sZtPTvKcHuZ5F4e/9VQYZMO+ZBLAD8DpZswmrKKjbKpJN8+Lrnn2gM=
cf-bgj: minify
last-modified: Thu, 21 Sep 2023 20:36:16 GMT
server: cloudflare
etag: W/"c50161822cc761b0458ff06b1d4bed46"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 80abf19ba9c2363b-FRA

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 131 KB
45 KB 90ms
36ms Script
application/javascript 2600:9000:26da:7200:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:7200:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

76164d9d399c8baca4656cd791982fdbd043413f39cf1a56c2d36c12ceb0b7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:24 GMT
content-encoding: br
via: 1.1 03f0b5e1388e49b279dc44f8ff1caa78.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: 8SmHislBLG8ZGSx76yfdkaCHUXrs6G8vyEAl__nQ-GW0aaH9VoPJ2A==
x-xss-protection: 1; mode=block

GET
H2 200 rocket-loader.min.js Show response
empower.goodwillindy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 11ms
11ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://empower.goodwillindy.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 08:17:07 GMT
server: cloudflare
content-encoding: gzip
etag: W/"650aaa83-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 80abf19c08e2bb5c-FRA
expires: Sun, 24 Sep 2023 16:32:24 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 66ms
49ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: empower.goodwillindy.org
URL: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://empower.goodwillindy.org/
Origin: https://empower.goodwillindy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:25 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 80abf19c4dbb18e9-FRA

GET
H2 200 ui.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 267 KB
73 KB 42ms
15ms Script
text/javascript 2600:9000:26da:7200:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:7200:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://empower.goodwillindy.org/
Origin: https://empower.goodwillindy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: pGLiXkBTZEwR1GE0xA6XjctsUE08zxMZ
content-encoding: br
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
date: Thu, 21 Sep 2023 22:16:28 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 65769
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fc84468acd1aa46963b34967f73979cb-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: 42tHTW6nw27yppNKWK_AF_V6UcumdTBbEFXUxTxIXYqHTpc2DTnLdg==

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 18 KB
5 KB 522ms
126ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8028a80160247b9a0c01d7986bf837f839a67521874b58b436d82a5e09353a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 16:32:24 GMT
last-modified: Wed, 20 Sep 2023 23:22:23 GMT
etag: "8061204f19ecd91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4786
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 45ms
28ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:25 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 12910065
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GYY3RGJ4D9XSPG1ZQF9BXTDW-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 80abf19cbafc3735-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/frs/donation/ 182 KB
37 KB 43ms
43ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/frs/donation/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e75c101853ecba8dcde5c2144bba49296e48794453616ddf7e2b2b21e4f2b793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 20:36:16 GMT
server: cloudflare
x-amz-request-id: XYNBA30Q6HEM43M6
age: 60556
etag: W/"52e4356a03a77105fb0dd1cd6f632b3a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 80abf19c9acb363b-FRA
x-amz-id-2: 44xzMtziY/vBppJtYet+ZVlkas55KdT2m8H6DzPz9mq3xjwHVWK7zyNfCLkDrEZA5roiAiEoKiY=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/ 2 MB
383 KB 45ms
44ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2233bcaed5a0bfa34e40adde2047c62ea8684b4e64923e7e7042057fb2789570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 20:36:17 GMT
server: cloudflare
x-amz-request-id: XYN1SBS3M1M3TFVG
age: 60556
etag: W/"0e6f6c26d23e3c84a65bd18f728797cc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 80abf19c9acc363b-FRA
x-amz-id-2: J+tY7e2HS1Q39+dJ9WwZntIosbTofBRZhSpX4+iIIGlf+pwYtGebaYIQb1lsNF1d11LZyg38Ah4=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/ 1 MB
430 KB 52ms
52ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/libs.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 20:36:17 GMT
server: cloudflare
x-amz-request-id: XYN6C10X23WP6W62
age: 60556
etag: W/"772e1301b871cc2545926cb86ee5965f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 80abf19c9acf363b-FRA
x-amz-id-2: y5zrJbmQp/Mc9cSTS0uoD+vL+aNilMNjuUvxj1wF+H7mMXHzjXb5wSgP6130Wx+fJud5q2kc3vE=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 143 KB
43 KB 117ms
44ms Script
application/javascript 18.239.18.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-96.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cdf53a82e82b067bad418f45aac83c58c60f563249793784111e4a876f09639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: _qpl7.lY0.nZUztSLffUfSKpJnOEbqqz
content-encoding: gzip
via: 1.1 e3175a7d38795328ac3444e1d56a9f4e.cloudfront.net (CloudFront)
date: Thu, 21 Sep 2023 18:29:47 GMT
x-amz-request-id: FAD2WZ7EAQM91P43
x-amz-cf-pop: AMS58-P6
x-amz-server-side-encryption: AES256
age: 79509
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: aoauAijZ/hRkWrjtUawyHsuqG/rmaCLxJT1muTnFzJPm7DbpPegMd3AChRfj8ldanV+3KKRUpR0=
last-modified: Wed, 20 Sep 2023 18:08:19 GMT
server: AmazonS3
etag: W/"bf2144fc0ae714c294fee91231e9529b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: ZdiPl4xNZk3JymaTibeeR1A4A0xlMn8m554uu91XLNCpG2qwaBRHKA==

GET
H2 200 / Show response
js.stripe.com/v3/ 529 KB
131 KB 130ms
24ms Script
text/javascript 13.225.34.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-96.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

faa479f6ab9e6ce381d4dc92196b147f88b5247182d37ea4764182d0ca37f7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 16:32:12 GMT
via: 1.1 d62d0235c86cff9cbc14eb8c55f7a9fa.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 14
x-cache: Hit from cloudfront
last-modified: Thu, 21 Sep 2023 22:54:54 GMT
server: Cloudfront
etag: W/"2f43f864ab4d97d636908d4a345359f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 5cCeE1a8v_v--S9z5AHF2UNw-euQ6KeyVTwOFlmhI4KTKandE5UdZg==

GET
DATA 200
OK truncated Show response
/ 0
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 15 KB
4 KB 16ms
13ms Stylesheet
text/css 2600:9000:26da:7200:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:7200:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: JWSMp_NTaRFeSeqpmxFPkel0LiL4cMwY
content-encoding: br
via: 1.1 03f0b5e1388e49b279dc44f8ff1caa78.cloudfront.net (CloudFront)
date: Thu, 21 Sep 2023 22:16:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 65773
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fb3f2afd9f46893bb196329ab90276a6-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: ggB_ZQW-Ai68IhUSgMHqQtzpdJsbrgW_5mR1An57qKoSltnv2S2sOA==

GET
H2 200 en.json Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ 8 KB
2 KB 14ms
14ms Fetch
application/json 2600:9000:26da:7200:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:7200:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: Pw3hE5sAYQ0kvHESktDQjUKbfeKteOb6
content-encoding: br
via: 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
date: Thu, 21 Sep 2023 22:16:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 65773
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"ecabc5423541bd640b7f7a45cb696671-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: nsktgMQxjGu-Cz66Qqzq5bM-N_rP3nJUr3-DC5tDov58GeD7hlhNZQ==

GET
H2 200 sdk.js Show response
empower.goodwillindy.org/sso/ 26 KB
7 KB 525ms
524ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://empower.goodwillindy.org/sso/sdk.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72051eea2680cb85200568da3f230eb824e7c40e206c010376021de4a96021b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 16:32:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 80abf19e7bbebb5c-FRA
expires: Fri, 22 Sep 2023 16:52:25 GMT

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 4AC3 200 B
1 KB 65ms
10ms Document
text/html 13.225.34.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-96.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://empower.goodwillindy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3065
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 22 Sep 2023 15:41:20 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d62d0235c86cff9cbc14eb8c55f7a9fa.cloudfront.net (CloudFront)
x-amz-cf-id: VlrqlgH6DKLBmI3yYSkQC6Irmf-kQRHnWYYxctxfJqEGykZks4jgGQ==
x-amz-cf-pop: CDG3-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 82ms
36ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2482a52b9d28afd071c091bfccf3512ae6027dbbf0fdc2d6428339d8f8a05d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 22 Sep 2023 16:32:25 GMT

GET
H2 200 tax-entities Show response
empower.goodwillindy.org/frs-api/organizations/83961/ 629 B
382 B 657ms
656ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://empower.goodwillindy.org/frs-api/organizations/83961/tax-entities

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29b395234c92d0329740806dc03096baba4e84e630619667490d7bb49c87e4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: l0ran7gU-FZI0Gkb2Q0vOCeMaaW6R8IlB-7w
tracestate: 423787@nr=0-1-423787-363751183-baf127405119cc27----1695400345858
traceparent: 00-498faba97d5d3f4d7c81c34026871f00-baf127405119cc27-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiYWYxMjc0MDUxMTljYzI3IiwidHIiOiI0OThmYWJhOTdkNWQzZjRkN2M4MWMzNDAyNjg3MWYwMCIsInRpIjoxNjk1NDAwMzQ1ODU4fX0=
Accept: application/json, text/plain, */*
csrf-token: l0ran7gU-FZI0Gkb2Q0vOCeMaaW6R8IlB-7w
Referer: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"275-FIypzl6HPDxJNtO/dEXE4jZly2A"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 80abf1a18f97bb5c-FRA

GET
H2 200 market-data Show response
empower.goodwillindy.org/frs-api/crypto-giving/BTC/USD/ 36 B
124 B 441ms
436ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://empower.goodwillindy.org/frs-api/crypto-giving/BTC/USD/market-data

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6b3e0bf43ef3966267bb7119541b8584f2fbd6c11da5ff3e3d8d1096fdb6c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: l0ran7gU-FZI0Gkb2Q0vOCeMaaW6R8IlB-7w
tracestate: 423787@nr=0-1-423787-363751183-28f810b041430122----1695400346075
traceparent: 00-f394a9b659820f791f1f636a6414bd00-28f810b041430122-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyOGY4MTBiMDQxNDMwMTIyIiwidHIiOiJmMzk0YTliNjU5ODIwZjc5MWYxZjYzNmE2NDE0YmQwMCIsInRpIjoxNjk1NDAwMzQ2MDc1fX0=
Accept: application/json, text/plain, */*
csrf-token: l0ran7gU-FZI0Gkb2Q0vOCeMaaW6R8IlB-7w
Referer: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"24-e+JrfEjRBpUA/cbx2jAjv06+epk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 80abf1a2e928bb5c-FRA
content-length: 36

GET
H2 200 ach-account-routing Show response
empower.goodwillindy.org/frs-api/organizations/83961/ 33 B
190 B 438ms
434ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://empower.goodwillindy.org/frs-api/organizations/83961/ach-account-routing

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: l0ran7gU-FZI0Gkb2Q0vOCeMaaW6R8IlB-7w
tracestate: 423787@nr=0-1-423787-363751183-198ef6a1f41bf813----1695400346076
traceparent: 00-d9144fc1847c28516e3b6906707fe000-198ef6a1f41bf813-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxOThlZjZhMWY0MWJmODEzIiwidHIiOiJkOTE0NGZjMTg0N2MyODUxNmUzYjY5MDY3MDdmZTAwMCIsInRpIjoxNjk1NDAwMzQ2MDc2fX0=
Accept: application/json, text/plain, */*
csrf-token: l0ran7gU-FZI0Gkb2Q0vOCeMaaW6R8IlB-7w
Referer: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 80abf1a2e92abb5c-FRA
content-length: 33

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
691 B 618ms
401ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=24318&currency=USD

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://empower.goodwillindy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: db408700-c073-4bec-8582-59df32d79ede
cf-ray: 80abf1a469d02c35-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/fonts/ 42 KB
43 KB 644ms
518ms Font
application/x-font-woff 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4f24795d3ef6e6db8efb32941d9403b17632907bbb83f091c7ac0bf50cea2d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/frs/main.css
Origin: https://empower.goodwillindy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-amz-request-id: 4BN5VTKTYJ8PM3GG
x-amz-server-side-encryption: AES256
content-length: 43184
x-amz-id-2: 3CeCEWZpsQ9QeJ6RG2ji9dxoSdlXdKQKU8R8Mnl5Fu1bbDyCQ3QofncdOaVkimiaVCRtkLE6dns=
last-modified: Thu, 21 Sep 2023 20:36:16 GMT
server: cloudflare
etag: "c926c767cbfef62cef79a7eadf629c4e"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 80abf1a47d671cbd-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/fonts/ 65 KB
66 KB 714ms
587ms Font
binary/octet-stream 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/frs/main.css
Origin: https://empower.goodwillindy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-amz-request-id: 4BN6E7A32XWC4831
x-amz-server-side-encryption: AES256
content-length: 66624
x-amz-id-2: GW3t+XhjRGspPMyMr80Xmd7y92PGD87FqtKTGy0F4xVaqocwK5PqY7kNqIBxnYX93AD8+/+8DhU=
last-modified: Thu, 21 Sep 2023 20:36:16 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 80abf1a47d6a1cbd-FRA

GET
H2 200 designations Show response
empower.goodwillindy.org/frs-api/campaign/459907/ 1 KB
671 B 491ms
451ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://empower.goodwillindy.org/frs-api/campaign/459907/designations?per_page=100

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

067fbd4d71953e84f7a7c8bf1841fddddcb4c3dd861fe40124e26bfe2933020d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: l0ran7gU-FZI0Gkb2Q0vOCeMaaW6R8IlB-7w
tracestate: 423787@nr=0-1-423787-363751183-35bd0b16184d8595----1695400346311
traceparent: 00-fbf719b6f2bf5b5f061eea64b47a8200-35bd0b16184d8595-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzNWJkMGIxNjE4NGQ4NTk1IiwidHIiOiJmYmY3MTliNmYyYmY1YjVmMDYxZWVhNjRiNDdhODIwMCIsInRpIjoxNjk1NDAwMzQ2MzExfX0=
Accept: application/json, text/plain, */*
csrf-token: l0ran7gU-FZI0Gkb2Q0vOCeMaaW6R8IlB-7w
Referer: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"52c-vPY0QJ8wiod+VsVGuTKckaGusqc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 80abf1a48b0ebb5c-FRA

GET
H2 200 designations Show response
empower.goodwillindy.org/frs-api/campaigns/459907/ 1 KB
671 B 503ms
464ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://empower.goodwillindy.org/frs-api/campaigns/459907/designations?filter=id%3D237867

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f019ebeb8d88913d2e24bfa2f156a74b4be074e889f87310bbbf5a1b021daaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: l0ran7gU-FZI0Gkb2Q0vOCeMaaW6R8IlB-7w
tracestate: 423787@nr=0-1-423787-363751183-90acd49a9a96975b----1695400346312
traceparent: 00-9018e11b77fa78d0bfbb961fd6377300-90acd49a9a96975b-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5MGFjZDQ5YTlhOTY5NzViIiwidHIiOiI5MDE4ZTExYjc3ZmE3OGQwYmZiYjk2MWZkNjM3NzMwMCIsInRpIjoxNjk1NDAwMzQ2MzEyfX0=
Accept: application/json, text/plain, */*
csrf-token: l0ran7gU-FZI0Gkb2Q0vOCeMaaW6R8IlB-7w
Referer: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"525-BbYvqCkClQ0sYjK+8Ljb5SxOS88"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 80abf1a48b10bb5c-FRA

GET
H2 200 currency-conversions Show response
empower.goodwillindy.org/frs-api/i18n/ 75 B
353 B 422ms
399ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://empower.goodwillindy.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd55f94963bf2c4c5181b2954bcde645cb1b1df9b28480320a781d7fefbbaaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: l0ran7gU-FZI0Gkb2Q0vOCeMaaW6R8IlB-7w
tracestate: 423787@nr=0-1-423787-363751183-c3c92c867e2a140d----1695400346431
traceparent: 00-3552c7faa5112ebff5302e6221f4ee00-c3c92c867e2a140d-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjM2M5MmM4NjdlMmExNDBkIiwidHIiOiIzNTUyYzdmYWE1MTEyZWJmZjUzMDJlNjIyMWY0ZWUwMCIsInRpIjoxNjk1NDAwMzQ2NDMxfX0=
Accept: application/json, text/plain, */*
csrf-token: l0ran7gU-FZI0Gkb2Q0vOCeMaaW6R8IlB-7w
Referer: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-tjNH7fI1ArNMa+zPbrVzkQKUVWs"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 80abf1a54bb7bb5c-FRA

GET
H2 200 user-icon.png
empower.goodwillindy.org/static/global/images/ 4 KB
5 KB 425ms
407ms Image
image/png 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://empower.goodwillindy.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
last-modified: Thu, 21 Sep 2023 20:31:52 GMT
server: cloudflare
etag: "650ca838-11ec"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80abf1a54bbbbb5c-FRA
content-length: 4588
expires: Sat, 21 Sep 2024 16:32:26 GMT

GET
H2 200 2efb6eb0-9370-11ed-bfd6-0a58a9feac02.png
assets.classy.org/26212410/ 6 KB
6 KB 451ms
410ms Image
image/png 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/26212410/2efb6eb0-9370-11ed-bfd6-0a58a9feac02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9912e7a2db767e92350da13ee85bf9df1931b268248d68d7922abd0380f4dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 db4dbc94ada3ec57403661fc29634ea8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: 2TKZqS7crbxx6Pr_43V81lV8WHb2tCvE
x-amz-cf-pop: MSP50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 5759
last-modified: Fri, 13 Jan 2023 18:29:16 GMT
server: cloudflare
etag: "707bc2fc7ac07437953e6e81a0050080"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 80abf1a56c93363b-FRA
x-amz-cf-id: a5RtB2kQIJkX-B8skyJdoUTFYaPLMNsC6WXxXYWL3u3kOQaUkSjpfg==

GET
H2 200 1edc086e-9370-11ed-b182-0e1c30146d11.png
assets.classy.org/26212410/ 6 KB
6 KB 564ms
523ms Image
image/png 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/26212410/1edc086e-9370-11ed-b182-0e1c30146d11.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9912e7a2db767e92350da13ee85bf9df1931b268248d68d7922abd0380f4dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bec13cdbd4d650c71ed35e5a7991d3ca.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: D3W7fJVCjVMI7QU88qNCiH6N8bbgtfTZ
x-amz-cf-pop: AMS58-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: FAILED
content-length: 5759
last-modified: Fri, 13 Jan 2023 18:28:50 GMT
server: cloudflare
etag: "707bc2fc7ac07437953e6e81a0050080"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 80abf1a56c96363b-FRA
x-amz-cf-id: KcsvhBIZJJm_iNH5SC60fHP8vLHAEv0cMLqvmbvKbkwnYU1PMJkAPg==

GET
H2 200 crypto-giving-coin-bitcoin.svg
prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/images/crypto-giving/ 1 KB
947 B 37ms
19ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/images/crypto-giving/crypto-giving-coin-bitcoin.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 20:36:16 GMT
server: cloudflare
x-amz-request-id: GFGYMY6G05ZYCXF3
age: 60554
etag: W/"2861fb7a07b041686ba6360cf7908e28"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 80abf1a54c72363b-FRA
x-amz-id-2: +k7d0nm7uuVvYkjYyG1w1orFnPxyJxWyMDSaUyzs5dtvFtjq4ggWN60n0yI90/P4EKJ4sbeylCI=

GET
H2 200 crypto-giving-coin-ethereum.svg
prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/images/crypto-giving/ 545 B
408 B 45ms
28ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/images/crypto-giving/crypto-giving-coin-ethereum.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 20:36:16 GMT
server: cloudflare
x-amz-request-id: GFGX8VG4Y2ZMCEBM
age: 60554
etag: W/"c8896ba26efa2a5d9aa1659b4aef1f00"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 80abf1a54c74363b-FRA
x-amz-id-2: PDODCHqwgv/vOsItLOuNGYPi9xpAzniLshCcLA1bfbJJ8KVaZk/0Xn+EnYSqkb2iD8UtHOzcQrc=

GET
H2 200 crypto-giving-coin-usdc.svg
prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/images/crypto-giving/ 2 KB
1 KB 45ms
28ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/images/crypto-giving/crypto-giving-coin-usdc.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 20:36:16 GMT
server: cloudflare
x-amz-request-id: GFGQYZ8KWA3NHZ73
age: 60554
etag: W/"120e9a5c0d8ae8e313213cbb2284cafe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 80abf1a54c78363b-FRA
x-amz-id-2: 0v+HsyI1sHSUB6kVmAuoudQhmjsi4qb/S0/2OX+WkoSN+OSOhqZ/6dscIaB5/b5ogHmQsFImdiU=

GET
H2 200 crypto-giving-arrows.svg
prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/images/crypto-giving/ 453 B
512 B 48ms
32ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/images/crypto-giving/crypto-giving-arrows.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 20:36:16 GMT
server: cloudflare
x-amz-request-id: GFGQ6BYEE41QNS1S
age: 60554
etag: W/"332ba480e7dc5a9687ededc7c4333e80"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 80abf1a54c79363b-FRA
x-amz-id-2: 1/lvQYlNTxIJZelKmoSBPxShPDss+4TJr7ChZTyEA7MfsIDY1/VDW57+JDUY90FQ3Lsb4+UzUh8=

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/images/ 394 B
650 B 43ms
26ms Image
image/webp 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/9c9c3442b285ed6c4370823b3160f39479a3c7bf/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: GFGMAW13CV22J2NZ
age: 60554
cf-polished: origFmt=png, origSize=547
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: VLJKQM1JlDia0qTWSgEWZkqe+bwN/ZmoX725m/zHXpx0YE+wTpFEZ9PF8IgSj17sP7oW7RQRunk=
cf-bgj: imgq:85,h2pri
last-modified: Thu, 21 Sep 2023 20:36:16 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 80abf1a54c70363b-FRA

POST
H2 204 rum Show response
empower.goodwillindy.org/cdn-cgi/ 0
172 B 17ms
12ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://empower.goodwillindy.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-16f82d95b476cb10----1695400346452
traceparent: 00-5bce463281778d33c5715158c214d400-16f82d95b476cb10-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxNmY4MmQ5NWI0NzZjYjEwIiwidHIiOiI1YmNlNDYzMjgxNzc4ZDMzYzU3MTUxNThjMjE0ZDQwMCIsInRpIjoxNjk1NDAwMzQ2NDUyfX0=
content-type: application/json
Referer: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://empower.goodwillindy.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 80abf1a54bc3bb5c-FRA

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4AC3 631 B
1 KB 32ms
25ms Script
text/javascript 13.225.34.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-96.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 22 Sep 2023 15:49:34 GMT
x-content-type-options: nosniff
via: 1.1 d62d0235c86cff9cbc14eb8c55f7a9fa.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 2572
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: p5TUIZhUnqePvt4DT8Xvvc4DuDFeoH4_x3dfJVa1z_qw6ie2AglkpA==

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 106ms
11ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Sep 2023 16:32:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 16:32:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Sep 2023 16:32:26 GMT

GET
H2 200 transaction-estimates Show response
empower.goodwillindy.org/frs-api/campaign/459907/ 366 B
265 B 459ms
455ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://empower.goodwillindy.org/frs-api/campaign/459907/transaction-estimates?amex=false&amount=100&currency=USD&fot=false&international=false&payment_method=DW&processor_name=STRIPE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c6b1f6601b061eada2e1fd5873e744c2310d2126d025183bf56c7038f6907d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: l0ran7gU-FZI0Gkb2Q0vOCeMaaW6R8IlB-7w
tracestate: 423787@nr=0-1-423787-363751183-5aa38523c002e6aa----1695400346476
traceparent: 00-8d1224f75f070fd9c8184ddfa7c69f00-5aa38523c002e6aa-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1YWEzODUyM2MwMDJlNmFhIiwidHIiOiI4ZDEyMjRmNzVmMDcwZmQ5YzgxODRkZGZhN2M2OWYwMCIsInRpIjoxNjk1NDAwMzQ2NDc2fX0=
Accept: application/json, text/plain, */*
csrf-token: l0ran7gU-FZI0Gkb2Q0vOCeMaaW6R8IlB-7w
Referer: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"16e-LanOOwY2MJ1Sv+fzrQ/Gpqmc3IQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 80abf1a56bfebb5c-FRA

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/f130aa11/www-widgetapi.vflset/ 210 KB
65 KB 59ms
0ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f130aa11/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cbcf052edc16dcdf7e674e4e0dff0a86b81610b4143237286cbdec2c1d560fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66136
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 01:59:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 21 Sep 2024 16:24:16 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
31 KB 98ms
1ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://empower.goodwillindy.org/
Origin: https://empower.goodwillindy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 598148
x-cache: HIT, HIT
content-length: 30957
x-served-by: cache-lga13629-LGA, cache-fra-eddf8230107-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1695400347.599195,VS0,VE0
etag: W/"28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 27, 63572

POST
H2 200 csp-report
q.stripe.com/ Frame 4AC3 0
718 B 509ms
165ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1695400346953363
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1695400346953132
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4AC3 0
717 B 510ms
166ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1695400346953458
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1695400346953183
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame E26D 930 B
2 KB 69ms
0ms Document
text/html 2600:9000:2057:9a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 202
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 22 Sep 2023 16:29:04 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id: rknxQO-2okuWs15o-QWo52m46jXd3MBz2E9MvkvGkU_h8vwMXjba2Q==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 90ms
15ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://empower.goodwillindy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 19:15:13 GMT
x-content-type-options: nosniff
age: 76633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 19:15:13 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 89ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://empower.goodwillindy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 19:15:13 GMT
x-content-type-options: nosniff
age: 76633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 19:15:13 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 84ms
25ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://empower.goodwillindy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 19:15:13 GMT
x-content-type-options: nosniff
age: 76633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 19:15:13 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ 32 KB
32 KB 65ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://empower.goodwillindy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 19:15:13 GMT
x-content-type-options: nosniff
age: 76633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 19:15:13 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ 32 KB
32 KB 55ms
18ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://empower.goodwillindy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 19:15:13 GMT
x-content-type-options: nosniff
age: 76633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 19:15:13 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 65ms
28ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://empower.goodwillindy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 19:15:13 GMT
x-content-type-options: nosniff
age: 76633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 19:15:13 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 63ms
27ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://empower.goodwillindy.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 19:15:13 GMT
x-content-type-options: nosniff
age: 76633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 19:15:13 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame E26D 0
491 B 423ms
165ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1695400346953406
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1695400346953137
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame E26D 87 KB
16 KB 39ms
7ms Script
text/javascript 2600:9000:2057:9a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 16:31:15 GMT
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"69cb7809b5011312e716f29b3d19dce6"
age: 71
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: h_drbkjHLnkq3uZ57ScSrYHX4UzOb0CateRFHrr_R3JkX9kGM5qrkQ==

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
empower.goodwillindy.org/sso/ssobuild/js/ 34 KB
9 KB 518ms
510ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://empower.goodwillindy.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a420d3aaef8542c2952614ab83b697fcb3d1c57c7728b3565876611b5f06ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-c641606b1d587060----1695400346657
traceparent: 00-a29478eb67dc79d31d084336e1b63d00-c641606b1d587060-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjNjQxNjA2YjFkNTg3MDYwIiwidHIiOiJhMjk0NzhlYjY3ZGM3OWQzMWQwODQzMzZlMWI2M2QwMCIsInRpIjoxNjk1NDAwMzQ2NjU3fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email
X-Requested-With: XMLHttpRequest

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 Sep 2023 23:17:24 GMT
server: cloudflare
etag: W/"65039484-893d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 80abf1a69d41bb5c-FRA
expires: Sat, 21 Sep 2024 16:32:27 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame E26D 156 B
670 B 524ms
175ms XHR
application/json 52.10.94.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.94.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-94-213.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

98f6dcf8e5c94ab4b5e2fd5c7f182541f4b737e6aafaa28908d4a096953f820f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 22 Sep 2023 16:32:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1695400347173640
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1695400347173159
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
466 B 142ms
142ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=24318&currency=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://empower.goodwillindy.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: e05362c3-0303-4cfd-a235-946d20f95b45
cf-ray: 80abf1a73e062c35-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 controller-9239195964f74ac7d035010429fa6fc6.html Show response
js.stripe.com/v3/ Frame A2E5 325 B
1 KB 21ms
21ms Document
text/html 13.225.34.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-96.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

cd499789aa0cc8dfa10bfe9e511cc447cc27f58dcf554793d8103f8e4e318a61

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://empower.goodwillindy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 22
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 22 Sep 2023 16:32:07 GMT
etag: "9239195964f74ac7d035010429fa6fc6"
last-modified: Thu, 21 Sep 2023 22:20:16 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d62d0235c86cff9cbc14eb8c55f7a9fa.cloudfront.net (CloudFront)
x-amz-cf-id: Gi2WGlqhKIZ0theMeiWwC6xaKwO1JBbwN35NJIAEcpajDQDQl16g7g==
x-amz-cf-pop: CDG3-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html Show response
js.stripe.com/v3/ Frame 59D0 408 B
1 KB 21ms
21ms Document
text/html 13.225.34.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-96.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1a0477237aa35f2866b9da85a454cbfe81fa0140b9e303368c822723c963ce2e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://empower.goodwillindy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 102
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 22 Sep 2023 16:30:59 GMT
etag: "20c2cf4f5b9ea242870672367f48a2a6"
last-modified: Thu, 21 Sep 2023 22:20:33 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d62d0235c86cff9cbc14eb8c55f7a9fa.cloudfront.net (CloudFront)
x-amz-cf-id: CTu-EhvNm8vytMmLwTQDI8H78z0Y01pS5FbeeyaP2JpB036j_3iq_A==
x-amz-cf-pop: CDG3-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-80846e8472702b473a692422b9cb8fc1.html Show response
js.stripe.com/v3/ Frame 4CF2 344 B
1 KB 22ms
22ms Document
text/html 13.225.34.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-80846e8472702b473a692422b9cb8fc1.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-96.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

88395a7f3d862d090aa5c8f430c832d565cde33801234dff0317828ffec7c56f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://empower.goodwillindy.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 33
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 22 Sep 2023 16:32:21 GMT
etag: "80846e8472702b473a692422b9cb8fc1"
last-modified: Thu, 21 Sep 2023 22:20:33 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d62d0235c86cff9cbc14eb8c55f7a9fa.cloudfront.net (CloudFront)
x-amz-cf-id: wIuIQdyxIuHkpo98a5tR3_bi_pKsnrsYu7T9-E4jdD1RY0k8K3V0xA==
x-amz-cf-pop: CDG3-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 shared-64ae3beea3113d48aa7486462fd2d12e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A2E5 494 KB
109 KB 24ms
22ms Script
text/javascript 13.225.34.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-96.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9fa101eb8187170c04e5b2b0c46c611a6aa029e8eb4ca816193ebd5bbc4567be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 16:21:38 GMT
via: 1.1 d62d0235c86cff9cbc14eb8c55f7a9fa.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 649
x-cache: Hit from cloudfront
last-modified: Thu, 21 Sep 2023 22:20:31 GMT
server: Cloudfront
etag: W/"4ee047fd9c07072ad4206430e08adc9b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 0NNMkl7L6B-rcqkhsYDez6oz8eZ-rCGHW0g1-tdhXnTC3wXUFKKZnQ==

GET
H2 200 controller-6911f86fec01b61d77aef174880786ec.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A2E5 573 KB
138 KB 24ms
23ms Script
text/javascript 13.225.34.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-6911f86fec01b61d77aef174880786ec.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-96.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

57cbe6b573d45adcf6ed7a6c9d5fe87651d4902f266cacaadad32552037eab89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 16:07:30 GMT
via: 1.1 d62d0235c86cff9cbc14eb8c55f7a9fa.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 1496
x-cache: Hit from cloudfront
last-modified: Thu, 21 Sep 2023 20:06:46 GMT
server: Cloudfront
etag: W/"f25de5bf18bdc52a370fda9b0d5ee732"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: tSuXbbTKnzApw1fZ4_3v2F-49VVay-D6oEgqVyQFrjWX9x1ZxsbNWA==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 59D0 117 KB
36 KB 142ms
67ms Script
application/javascript 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1cb146a6294f46b5d58de858134694c25c9bbd944c25ef47c259cddc7f4d60a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5LhIyqN2A4HRRfp1At6Acg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5LhIyqN2A4HRRfp1At6Acg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 22 Sep 2023 16:32:27 GMT

GET
H2 200 shared-64ae3beea3113d48aa7486462fd2d12e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 59D0 494 KB
109 KB 47ms
46ms Script
text/javascript 13.225.34.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-96.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9fa101eb8187170c04e5b2b0c46c611a6aa029e8eb4ca816193ebd5bbc4567be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 16:21:38 GMT
via: 1.1 d62d0235c86cff9cbc14eb8c55f7a9fa.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 649
x-cache: Hit from cloudfront
last-modified: Thu, 21 Sep 2023 22:20:31 GMT
server: Cloudfront
etag: W/"4ee047fd9c07072ad4206430e08adc9b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7hD9JiRpjnleaNrDrudduuW42qv3z-uy1FVDWe9Rm8MaL-9w8KFY6w==

GET
H2 200 payment-request-inner-google-pay-c1393017a41a9a55f1972b366ff43e92.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 59D0 10 KB
4 KB 23ms
23ms Script
text/javascript 13.225.34.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-c1393017a41a9a55f1972b366ff43e92.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-96.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f05a075dfa9cee7ab76b28bf5ebb367646493c4c3712ad1fb6bff0378f49a573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-20c2cf4f5b9ea242870672367f48a2a6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 16:18:30 GMT
via: 1.1 d62d0235c86cff9cbc14eb8c55f7a9fa.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 840
x-cache: Hit from cloudfront
last-modified: Tue, 19 Sep 2023 17:14:23 GMT
server: Cloudfront
etag: W/"8f9acb52354218d5f45674debf56b2bd"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 9RwukOuDwftCKicf02iCymKFYf2f1CqkiQFCMp2ZCqWbgbUk46mIJA==

GET
H2 200 shared-64ae3beea3113d48aa7486462fd2d12e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4CF2 494 KB
109 KB 48ms
47ms Script
text/javascript 13.225.34.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-80846e8472702b473a692422b9cb8fc1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-96.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9fa101eb8187170c04e5b2b0c46c611a6aa029e8eb4ca816193ebd5bbc4567be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-80846e8472702b473a692422b9cb8fc1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 16:21:38 GMT
via: 1.1 d62d0235c86cff9cbc14eb8c55f7a9fa.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 649
x-cache: Hit from cloudfront
last-modified: Thu, 21 Sep 2023 22:20:31 GMT
server: Cloudfront
etag: W/"4ee047fd9c07072ad4206430e08adc9b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7VJeqZfSuoLgHlr4h0r7bZf-bJ28oxWZtDnnNKADgQ9bQkwWHBlIGA==

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4CF2 12 KB
5 KB 48ms
48ms Script
text/javascript 13.225.34.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-80846e8472702b473a692422b9cb8fc1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-96.cdg3.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-80846e8472702b473a692422b9cb8fc1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Sep 2023 15:39:37 GMT
via: 1.1 d62d0235c86cff9cbc14eb8c55f7a9fa.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 3176
x-cache: Hit from cloudfront
last-modified: Tue, 19 Sep 2023 17:14:23 GMT
server: Cloudfront
etag: W/"330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: uyiPhW7TmbVCCzzoqaEGsF9CM2V6DgmIHIeBpBEN-8K_IMKVR5V6Pw==

POST
H2 200 csp-report
q.stripe.com/ Frame A2E5 0
717 B 166ms
166ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1695400347084961
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1695400347084625
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame A2E5 474 B
864 B 54ms
17ms Fetch
application/json 13.225.34.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.34.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-34-96.cdg3.r.cloudfront.net
Software: Cloudfront /
Resource Hash: bd706928cbe29f194fb2a609e087e825f0204b84e6aa2d22480253917c41de55

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-9239195964f74ac7d035010429fa6fc6.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
via: 1.1 d6561aeeccb210202cf78b99f07c5234.cloudfront.net (CloudFront)
last-modified: Thu, 21 Sep 2023 22:54:56 GMT
server: Cloudfront
x-amz-cf-pop: CDG3-C2
age: 1
etag: "8f54db4c27308696a79e2296bec75759"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: mXXV4eLKUPNULwbUGJ-IJikllfEUnZQ0PnjoPGN6no56mlyTo_djjw==

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame A2E5 2 KB
2 KB 342ms
262ms Fetch
application/json 18.202.131.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.202.131.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-202-131-124.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f48c20b4b6d6e38958a47dbdc61a35c81265fc2829ccf84213bd56e7604aa671

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 1700
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4CF2 0
717 B 167ms
166ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1695400347163655
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1695400347163226
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4CF2 0
717 B 165ms
165ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1695400347163655
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1695400347163338
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 59D0 0
717 B 165ms
164ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1695400347251424
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1695400347251155
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 59D0 0
717 B 167ms
167ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1695400347251562
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1695400347251293
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 status Show response
empower.goodwillindy.org/sso/ 90 B
1 KB 465ms
464ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://empower.goodwillindy.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361010449468920043659_1695400346654&_=1695400346655

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee1fe59bef3cf24bf8f9bbf07bebd14124d0051c14d66d6b0fc058285a468151

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-64e428fa2e7053d5----1695400347191
traceparent: 00-2f9c044e8cd850dd4842a93041eb7900-64e428fa2e7053d5-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2NGU0MjhmYTJlNzA1M2Q1IiwidHIiOiIyZjljMDQ0ZThjZDg1MGRkNDg0MmE5MzA0MWViNzkwMCIsInRpIjoxNjk1NDAwMzQ3MTkxfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email
X-Requested-With: XMLHttpRequest

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self' https://*.classy.org;
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache, private
cf-ray: 80abf1a9d91dbb5c-FRA
x-xss-protection: 1; mode=block

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 249ms
223ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347326920
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1695400347326448
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 236ms
210ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347326495
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1695400347326239
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 240ms
215ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347326328
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1695400347326024
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 243ms
219ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347327120
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1695400347326603
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 246ms
222ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347327188
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1695400347326462
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 237ms
214ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347326111
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1695400347325822
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 239ms
216ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347326271
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1695400347325896
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 242ms
219ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347326372
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1695400347325764
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 233ms
211ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347326265
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1695400347325999
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 237ms
215ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347326564
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1695400347326188
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 237ms
216ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347326609
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1695400347326068
access-control-allow-credentials: true
content-length: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame C461 18 KB
8 KB 84ms
84ms Document
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

707d3004ccf0cc0ddd4ecefc5b57be2e883b7a7c9bf200df0b8ea8b17953afc2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-eUu4Mv98qpvrKEuCmbJnIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-eUu4Mv98qpvrKEuCmbJnIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 22 Sep 2023 16:32:27 GMT
expires: Fri, 22 Sep 2023 16:32:27 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 228ms
219ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347326715
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1695400347326162
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame E26D 156 B
669 B 180ms
179ms XHR
application/json 52.10.94.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.94.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-94-213.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

98f6dcf8e5c94ab4b5e2fd5c7f182541f4b737e6aafaa28908d4a096953f820f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 22 Sep 2023 16:32:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1695400347362993
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1695400347362317
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame E26D 156 B
669 B 230ms
229ms XHR
application/json 52.10.94.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.94.213 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-94-213.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

98f6dcf8e5c94ab4b5e2fd5c7f182541f4b737e6aafaa28908d4a096953f820f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 22 Sep 2023 16:32:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1695400347414445
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1695400347412253
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.lPyLlNV3yKg.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame C461 156 KB
56 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.lPyLlNV3yKg.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgNL70Gxj-PcuKxEwEBJN31m09WOA/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1795b381a37368af9b779cdd0dc8599b8a94592cc2a45becf3ad99750615434f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56290
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 00:58:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Sep 2024 16:53:04 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame C461 2 KB
2 KB 121ms
120ms Other
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: info.goodwillindy.org
URL: https://info.goodwillindy.org/e3t/Ctc/GA+113/cfBRm04/VWbGk02_T6SdW5L2tMH6v6HzLW5DT7xy53MhsNN7KkK223qgyTW7Y8-PT6lZ3p0W5w8VZ53xTXxTW3GLvV36QGZvYW59k_yN6Ljm-JN3QtPR-zV5RmVmB4K_6w3l4RW3Bzp19274TWSVzVbdz1pCZl3W5b6xCH2ttK6SW19NpnC7XSyTFVNjl051Lfxb7W24vpZP5RHt2bN3rXrxwd3z8QW38zn6h3gw8RNW4TZb5M37p5PDVrdm_P1FRbgVW4LvfTl8sC-P3W1z6CJd4LJrHDW2d4QGb6Dcq8TW87v8tq76YJfLW5x_WLD6vGjmWW5x9Pvv4-bdpVW8DvD3L4xRwfkW8MLn9l2phx4ZW9cHVyv3gPqRDW3qTYCF2DY4CgW2cg8sC2vfjrYf1fYLrb04
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.lPyLlNV3yKg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4Oh... Frame C461 72 KB
26 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.lPyLlNV3yKg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4OhFXjrM.L.B1.O/am=AMAY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjuAJU6flVO_5wLPgOpQKZhv8T4mA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.lPyLlNV3yKg.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgNL70Gxj-PcuKxEwEBJN31m09WOA/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffbbfada228717cc88e61c48e81cd36ad673db5f3837f72db99c5e5343c0eb38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 20:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26911
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 11:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Sep 2024 20:06:29 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 72ms
40ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 22 Sep 2023 16:32:27 GMT
expires: Fri, 22 Sep 2023 16:32:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 70ms
39ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 22 Sep 2023 16:32:27 GMT
expires: Fri, 22 Sep 2023 16:32:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame C461 1 MB
368 KB 77ms
76ms XHR
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73a2993a144e5a3efbd484b9509a201bd975748c43ede9e6ac4f398e91d03980

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-VtUfJ0IABI_Mdu9ylWBwFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-VtUfJ0IABI_Mdu9ylWBwFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 22 Sep 2023 16:32:27 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.lPyLlNV3yKg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4Oh... Frame C461 9 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.lPyLlNV3yKg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4OhFXjrM.L.B1.O/am=AMAY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjuAJU6flVO_5wLPgOpQKZhv8T4mA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11eeca240ecddd7936acad6e2292aa2792ff1a1e7abb8a4a19e90c153cb35efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 20:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3926
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 11:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Sep 2024 20:06:29 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.lPyLlNV3yKg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4Oh... Frame C461 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.lPyLlNV3yKg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4OhFXjrM.L.B1.O/am=AMAY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjuAJU6flVO_5wLPgOpQKZhv8T4mA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c0875cef4eace5221d992c81183940791e21ccf1b3a019e08cc1e5340d1fb39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 20:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13842
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 11:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Sep 2024 20:06:29 GMT

POST
H3 200 log Show response
play.google.com/ Frame C461 131 B
155 B 87ms
72ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Sep 2023 16:32:27 GMT

POST
H3 200 log Show response
play.google.com/ Frame C461 131 B
155 B 85ms
70ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Sep 2023 16:32:27 GMT

POST
H3 200 log Show response
play.google.com/ Frame C461 131 B
155 B 85ms
72ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Sep 2023 16:32:27 GMT

POST
H3 200 log Show response
play.google.com/ Frame C461 131 B
155 B 85ms
72ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Sep 2023 16:32:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 71ms
41ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 22 Sep 2023 16:32:27 GMT
expires: Fri, 22 Sep 2023 16:32:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 68ms
41ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 22 Sep 2023 16:32:27 GMT
expires: Fri, 22 Sep 2023 16:32:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 170ms
169ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347502751
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1695400347502077
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 168ms
167ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347502669
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1695400347502223
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 167ms
167ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347506634
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1695400347506420
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 168ms
168ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347509646
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1695400347509269
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 41ms
40ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 22 Sep 2023 16:32:27 GMT
expires: Fri, 22 Sep 2023 16:32:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C461 131 B
155 B 76ms
72ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Sep 2023 16:32:27 GMT

POST
H3 200 log Show response
play.google.com/ Frame C461 131 B
155 B 67ms
66ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Sep 2023 16:32:27 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 169ms
166ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347518929
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1695400347518689
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 170ms
167ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347519376
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1695400347518783
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 43ms
39ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 22 Sep 2023 16:32:27 GMT
expires: Fri, 22 Sep 2023 16:32:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 170ms
170ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347519318
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1695400347518860
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 168ms
167ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347519280
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1695400347518936
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A2E5 0
273 B 168ms
167ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64ae3beea3113d48aa7486462fd2d12e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 22 Sep 2023 16:32:27 GMT
x-stripe-server-envoy-start-time-us: 1695400347519768
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1695400347519556
access-control-allow-credentials: true
content-length: 0

GET
H2 200 GooglePay-logo.svg
empower.goodwillindy.org/static/global/images/digitalWallets/ 3 KB
1 KB 405ms
405ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://empower.goodwillindy.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://empower.goodwillindy.org/give/459907/?utm_campaign=UNBOXED%202023&utm_medium=email&_hsmi=275389894&_hsenc=p2ANqtz-_PDzRiZ2vv2faVr2_avp8eLGKD7WHDOxDojHXGhTc3debEC7mVwNTpDzwi5upFbZrR8gg631MY9Vu0uTo91CZ6XKbyjA&utm_content=275389894&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 16:32:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 21 Sep 2023 20:31:52 GMT
server: cloudflare
etag: W/"650ca838-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 80abf1ab9afcbb5c-FRA
expires: Sat, 21 Sep 2024 16:32:27 GMT

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.info.goodwillindy.org/	1970-01-20 14:56:42	Name: __cf_bm Value: ggIsBluO8YLYz2uLXyECsvE7ODkGkmBOIsQ6FjBk9zU-1695400343-0-AbzsZFXTbh58c+gIYWytvFeKxTnydEzHM44z0L7dO5Hnv9WFz6vbYXnn53bhrmHv0d0HkOQ53V1aoJyylyxqZ0o=
.info.goodwillindy.org/	1969-12-31 23:59:59	Name: __cfruid Value: 9372f7d78240951dfd075ad16ab39cb723fa656b-1695400343
empower.goodwillindy.org/	1970-01-21 00:32:40	Name: connect.sid Value: s%3A5peczcXtqWhCmVNRUPpy3-rytSI41XE7.nxpI6z2%2F2OKASX0OhRdlKZ02hBnzAV3xVasldaSGF2U
.empower.goodwillindy.org/	1970-01-20 14:56:42	Name: __cf_bm Value: u9V0uQLGODS1m3_9WHkFs99kKgfxAOmeINMdAx07lsc-1695400344-0-AUB5yMemcR66qOMMVQAJX45dMPIYaKS1Be2nQuKNNg0FU8ROfkSx+SJ8DTpT4ds52NtKiGM06NOfF1mTR/JVbZI=
.empower.goodwillindy.org/	1969-12-31 23:59:59	Name: __cfruid Value: 455507cb17be2c6ee27e525332f8c71b96f76549-1695400344
.empower.goodwillindy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: awYklaGnLYFFcqangJlYWA9vA.Qyr7EQ7Z5L7wxn04k-1695400344746-0-604800000
.classy.org/	1970-01-20 14:56:42	Name: __cf_bm Value: hYgUxMhGNqEwIbufs2xKyP6tfX05HTE.qRMn8GbrOe8-1695400344-0-AXZZZ0z2Ssoqa3kQdXKlyjPq4LYzE9jel53BdtSc0apcD8C7bwaXOl/H8nKr4e2iItkvPenyEY0LGogndwk7IgY=
.classy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: qr4MQNTFop9RjcC9U0VqAC_95hqdl294s5A5dygBYpc-1695400344923-0-604800000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: cIZiIFHjgso
.youtube.com/	1970-01-20 19:15:52	Name: VISITOR_INFO1_LIVE Value: 5D7r8qv2Pz8
empower.goodwillindy.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: zX38Zbvb-J8sfvpvqyZPoIkvvXEe20QQNkSQ
.google.com/	1970-01-20 19:20:11	Name: NID Value: 511=Ej48XgtJFLJRWqY9RCJpCM2DLZSz9wXHdShlr6_b3TrGsYZcM6vGni3SBeB2PKq8KqmbJqaSnswxOuVloL2zqn1OGDz7aA-xjgxKZkBleKIp9DzqM4dwYKyieyMUzgoJYaj9Z1lWOF7tte1aomYcI8_OtSH-oOPXv-HXI6qMREI
m.stripe.com/	1970-01-21 00:32:40	Name: m Value: d39002c9-1038-4b66-82e7-0d558187586f89c147
.empower.goodwillindy.org/	1970-01-20 23:42:16	Name: __stripe_mid Value: 20116e58-ee43-4f75-8569-5aeca53fc2e32e65f8
.empower.goodwillindy.org/	1970-01-20 14:56:42	Name: __stripe_sid Value: cb8c6fc9-7c51-412a-9b2e-1061214e11300e7cd4
empower.goodwillindy.org/	1970-01-20 14:56:41	Name: XSRF-TOKEN Value: eyJpdiI6IjFTbXF4UVRiYVJ6aTdxTHh6WGVUVmc9PSIsInZhbHVlIjoiMms2RzRMbHVUS1NnMjFGazFRMHJENXJIdEtKaENBTGh4a3plZkxkV3BLRjBXUmZjbGFWbE9MWVlmUXZLeUZnQ2g0TXBmejM4aXUrSHZnemJHNTlkWURrNXMxSEwxWVlZZFJTbGxxbExvZkJrQldvUTVGWTI5K3RXT1VWUTE0WTgiLCJtYWMiOiJhM2MzZjRkZjhhYTcwZWE3NzBlNDYyYWIxOGJkMGRiYWFkMzEwYmJkMTRhZDBmNzU3MGVjNTA3YzU3MGQ5MTA3In0%3D
empower.goodwillindy.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6IlBhODd4OFdcLytZZ0JoUVVXZDRcL2lpZz09IiwidmFsdWUiOiI1WUI1MHJFUEF1S0x1ZUpHM0s4R2g3bU5jTzN4S2NLTGxQM0dZT1FiTDBndVZjclJRNTVDNFNtbDU4TWVNOFQrS0hGRUVxbHV1QmRjbUVDVm4zSEJHdkNVT3ZUMGR3Zm1PbXM2N3llNFRMVFJtTFwvcE5ZWEN2U0dHWkxkNTBlYjciLCJtYWMiOiJlYTkxNzUzZGM3ZWUwNmZkMTVhMDVlYjlmNTIzYjJmODhiOTc2YTUwYjBlYWVlYzc4Mzk2NDRhZDJiMGQxODI2In0%3D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.classy.org
cdn.plaid.com
cdn.transcend.io
code.jquery.com
empower.goodwillindy.org
fonts.googleapis.com
fonts.gstatic.com
htp.tokenex.com
info.goodwillindy.org
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
pay.classy.org
pay.google.com
play.google.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
static.cloudflareinsights.com
unpkg.com
www.gstatic.com
www.youtube.com
13.225.34.96
18.202.131.124
18.239.18.96
2600:9000:2057:9a00:19:7d10:bd80:93a1
2600:9000:26da:7200:2:8531:afc0:93a1
2606:2c40::c73c:6702
2606:4700::6810:3965
2606:4700::6810:7caf
2606:4700::6812:7c49
2606:4700::6812:c55f
2a00:1450:4001:809::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2003
2a00:1450:4001:813::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c07::5c
2a04:4e42:400::649
52.10.94.213
52.143.247.24
54.187.159.182
041e6d1eec94a570ebbdec65068ac14ee5c52aff89fc91d6fe4bd7d2b0d03ece
067fbd4d71953e84f7a7c8bf1841fddddcb4c3dd861fe40124e26bfe2933020d
0c6b1f6601b061eada2e1fd5873e744c2310d2126d025183bf56c7038f6907d5
11eeca240ecddd7936acad6e2292aa2792ff1a1e7abb8a4a19e90c153cb35efd
1795b381a37368af9b779cdd0dc8599b8a94592cc2a45becf3ad99750615434f
1a0477237aa35f2866b9da85a454cbfe81fa0140b9e303368c822723c963ce2e
1cb146a6294f46b5d58de858134694c25c9bbd944c25ef47c259cddc7f4d60a8
1cd55f94963bf2c4c5181b2954bcde645cb1b1df9b28480320a781d7fefbbaaf
1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a
1f019ebeb8d88913d2e24bfa2f156a74b4be074e889f87310bbbf5a1b021daaf
2233bcaed5a0bfa34e40adde2047c62ea8684b4e64923e7e7042057fb2789570
2482a52b9d28afd071c091bfccf3512ae6027dbbf0fdc2d6428339d8f8a05d7d
29b395234c92d0329740806dc03096baba4e84e630619667490d7bb49c87e4b5
29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c
2a420d3aaef8542c2952614ab83b697fcb3d1c57c7728b3565876611b5f06ef7
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11
3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b
4cbcf052edc16dcdf7e674e4e0dff0a86b81610b4143237286cbdec2c1d560fd
4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
53626236df04709fd3b8c777649d13b118a933fe92249fe2f574b9faadb9f9ef
57cbe6b573d45adcf6ed7a6c9d5fe87651d4902f266cacaadad32552037eab89
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
707d3004ccf0cc0ddd4ecefc5b57be2e883b7a7c9bf200df0b8ea8b17953afc2
72051eea2680cb85200568da3f230eb824e7c40e206c010376021de4a96021b5
73a2993a144e5a3efbd484b9509a201bd975748c43ede9e6ac4f398e91d03980
76164d9d399c8baca4656cd791982fdbd043413f39cf1a56c2d36c12ceb0b7b2
7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
8028a80160247b9a0c01d7986bf837f839a67521874b58b436d82a5e09353a95
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
88395a7f3d862d090aa5c8f430c832d565cde33801234dff0317828ffec7c56f
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
8c0875cef4eace5221d992c81183940791e21ccf1b3a019e08cc1e5340d1fb39
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
98f6dcf8e5c94ab4b5e2fd5c7f182541f4b737e6aafaa28908d4a096953f820f
9cdf53a82e82b067bad418f45aac83c58c60f563249793784111e4a876f09639
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9fa101eb8187170c04e5b2b0c46c611a6aa029e8eb4ca816193ebd5bbc4567be
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
b6b3e0bf43ef3966267bb7119541b8584f2fbd6c11da5ff3e3d8d1096fdb6c65
bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440
bd706928cbe29f194fb2a609e087e825f0204b84e6aa2d22480253917c41de55
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4
c4f24795d3ef6e6db8efb32941d9403b17632907bbb83f091c7ac0bf50cea2d9
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd499789aa0cc8dfa10bfe9e511cc447cc27f58dcf554793d8103f8e4e318a61
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75c101853ecba8dcde5c2144bba49296e48794453616ddf7e2b2b21e4f2b793
ee1fe59bef3cf24bf8f9bbf07bebd14124d0051c14d66d6b0fc058285a468151
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f05a075dfa9cee7ab76b28bf5ebb367646493c4c3712ad1fb6bff0378f49a573
f48c20b4b6d6e38958a47dbdc61a35c81265fc2829ccf84213bd56e7604aa671
f9912e7a2db767e92350da13ee85bf9df1931b268248d68d7922abd0380f4dfc
faa479f6ab9e6ce381d4dc92196b147f88b5247182d37ea4764182d0ca37f7f9
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ffbbfada228717cc88e61c48e81cd36ad673db5f3837f72db99c5e5343c0eb38

empower.goodwillindy.org Open in urlscan Pro 2606:4700::6812:c55f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

100 %HTTPS

70 %IPv6

14 Domains

23 Subdomains

21 IPs

6 Countries

2835 kBTransfer

10279 kBSize

17 Cookies

7 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

empower.goodwillindy.org Open in urlscan Pro
2606:4700::6812:c55f Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

100 %
HTTPS

70 %
IPv6

14
Domains

23
Subdomains

21
IPs

6
Countries

2835 kB
Transfer

10279 kB
Size

17
Cookies

118 HTTP transactions
1 data transactions