support.theguardian.com Open in urlscan Pro
151.101.1.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ablink.editorial.theguardian.com/ss/c/CBTDA9A8ekKRGj7WM2dV3mGTtSlwGUtU4W_nXP2YhnTxuFOan4J9KkQ2lZC0MirRrEuWUzuwIxpbfYMy9kj4G1durHv...
Effective URL:
https://support.theguardian.com/eu/contribute?utm_source=eml&CMP_BUNIT=edtrl&utm_content=Front_CNJuly23GeorgeMonbiotFoodSystemsA...
Submission: On July 30 via api (July 30th 2023, 6:16:43 am UTC) from BE — Scanned from DE

Summary HTTP 98 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 6 domains to perform 98 HTTP transactions. The main IP is 151.101.1.111, located in United States and belongs to FASTLY, US. The main domain is support.theguardian.com. The Cisco Umbrella rank of the primary domain is 23496.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q4 on December 19th 2022. Valid for: a year.

This is the only time support.theguardian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	2a04:4e42::367 2a04:4e42::367	54113 (FASTLY) (FASTLY)
5 7	151.101.1.111 151.101.1.111	54113 (FASTLY) (FASTLY)
9	63.35.46.148 63.35.46.148	16509 (AMAZON-02) (AMAZON-02)
11	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:400c:c04::5c	15169 (GOOGLE) (GOOGLE)
5	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	18.202.131.124 18.202.131.124	16509 (AMAZON-02) (AMAZON-02)
28	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.27 18.66.147.27	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
98	12

22 2a04:4e42::367 (United States) 1 redirects

ASN54113 (FASTLY, US)

ablink.editorial.theguardian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.guim.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sourcepoint.theguardian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.guim.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
interactive.guim.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.1.111 (United States) 5 redirects

ASN54113 (FASTLY, US)

support.theguardian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
profile.theguardian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 63.35.46.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-46-148.eu-west-1.compute.amazonaws.com

ophan.theguardian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c04::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.131.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-131-124.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-27.fra60.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	stripe.com js.stripe.com — Cisco Umbrella Rank: 1858 q.stripe.com — Cisco Umbrella Rank: 17709 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 10440 r.stripe.com — Cisco Umbrella Rank: 6255	696 KB
30	theguardian.com 6 redirects ablink.editorial.theguardian.com — Cisco Umbrella Rank: 266451 support.theguardian.com — Cisco Umbrella Rank: 23496 profile.theguardian.com — Cisco Umbrella Rank: 184288 sourcepoint.theguardian.com — Cisco Umbrella Rank: 19201 ophan.theguardian.com — Cisco Umbrella Rank: 16608	416 KB
16	google.com pay.google.com — Cisco Umbrella Rank: 3381 play.google.com — Cisco Umbrella Rank: 70	400 KB
8	guim.co.uk assets.guim.co.uk — Cisco Umbrella Rank: 18687 media.guim.co.uk — Cisco Umbrella Rank: 44455 interactive.guim.co.uk — Cisco Umbrella Rank: 21091	193 KB
4	gstatic.com www.gstatic.com	100 KB
1	privacy-mgmt.com cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4079	1 KB
98	6

	Domain	Requested by
28	r.stripe.com	js.stripe.com
13	sourcepoint.theguardian.com	support.theguardian.com sourcepoint.theguardian.com
12	play.google.com	www.gstatic.com
11	js.stripe.com	support.theguardian.com js.stripe.com
9	ophan.theguardian.com	support.theguardian.com
6	support.theguardian.com	4 redirects support.theguardian.com
5	q.stripe.com	support.theguardian.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	js.stripe.com pay.google.com support.theguardian.com www.gstatic.com
4	assets.guim.co.uk	support.theguardian.com
3	interactive.guim.co.uk
1	cdn.privacy-mgmt.com	sourcepoint.theguardian.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	media.guim.co.uk	support.theguardian.com
1	profile.theguardian.com	1 redirects
1	ablink.editorial.theguardian.com	1 redirects
98	16

This site contains links to these domains. Also see Links.

Domain
www.theguardian.com
patrons.theguardian.com

Subject Issuer	Validity	Valid
theguardian.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-19` - `2024-01-20`	a year	crt.sh
ophan.theguardian.com Amazon RSA 2048 M02	`2023-05-30` - `2024-06-27`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-07-21` - `2023-11-16`	4 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-05-25` - `2023-08-23`	3 months	crt.sh
*.privacy-mgmt.com Amazon RSA 2048 M02	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://support.theguardian.com/eu/contribute?utm_source=eml&CMP_BUNIT=edtrl&utm_content=Front_CNJuly23GeorgeMonbiotFoodSystemsAcq&utm_campaign=bestofguardianopinionus&utm_medium=emedt&utm_term=64c2e1d943fcfdaffd34611a202b3d1b&CMP_TU=mawns
Frame ID: 342C76881790C74607AD8BC88C4A78EF
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-daf32eee991b305995e20cbb3e9aabe0.html
Frame ID: 6AC79C9C3094E9F183FD891CF9EBD2D7
Requests: 34 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-67fc14ae773342189b3e5b49b17c6fe1.html
Frame ID: 2672A51897926243B55FC636AE6927C2
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-26f2a9b23618bb103b49e5a671e4e750.html
Frame ID: C4FBA17BC3B8816ADD890127B05FE756
Requests: 5 HTTP requests in this frame

Frame: https://sourcepoint.theguardian.com/index.html?message_id=838362&consentUUID=null&requestUUID=af0ea5c3-14f5-4860-bd3b-3c47148e3c17&preload_message=true&hasCsp=true&version=v1
Frame ID: EF74F7468581EC137385152DC89FB035
Requests: 9 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 3AEB344CE861001F97D618CE7F7CA5E7
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Support the Guardian

Page URL History Show full URLs

https://ablink.editorial.theguardian.com/ss/c/CBTDA9A8ekKRGj7WM2dV3mGTtSlwGUtU4W_nXP2YhnTxuFOan4J9KkQ2lZC0MirRrEuWUzu... HTTP 302
https://support.theguardian.com/contribute?utm_source=eml&utm_medium=emedt&utm_campaign=bestofguardianopinio... HTTP 302
https://support.theguardian.com/eu/contribute?utm_source=eml&CMP_BUNIT=edtrl&utm_content=Front_CNJuly23Georg... HTTP 303
https://support.theguardian.com/oauth/authorize HTTP 303
https://profile.theguardian.com/oauth2/aus3xgj525jYQRowl417/v1/authorize?state=phOgzQeQZNn4D6Nb4ufvaJNdqmUHi... HTTP 302
https://support.theguardian.com/oauth/callback?state=phOgzQeQZNn4D6Nb4ufvaJNdqmUHi1Wq&error=login_required&e... HTTP 303
https://support.theguardian.com/eu/contribute?utm_source=eml&CMP_BUNIT=edtrl&utm_content=Front_CNJuly23Georg... Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

98
Requests

100 %
HTTPS

36 %
IPv6

6
Domains

16
Subdomains

12
IPs

4
Countries

1801 kB
Transfer

5881 kB
Size

11
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.theguardian.com/
Title: Return to the GuardianThe Guardian

Search URL Search Domain Scan URL

URL: https://www.theguardian.com/info/2016/apr/04/contribution-terms-and-conditions
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.theguardian.com/help/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://patrons.theguardian.com/?INTCMP=gdnwb_copts_support_contributions_referral
Title: Find out more today.

Search URL Search Domain Scan URL

URL: https://www.theguardian.com/info/privacy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.theguardian.com/help/contact-us
Title: Contact us

Search URL Search Domain Scan URL

URL: https://www.theguardian.com/help
Title: Help centre

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ablink.editorial.theguardian.com/ss/c/CBTDA9A8ekKRGj7WM2dV3mGTtSlwGUtU4W_nXP2YhnTxuFOan4J9KkQ2lZC0MirRrEuWUzuwIxpbfYMy9kj4G1durHvZmndtK8RtLXostMXtJXCrB7jMtpptTVZLXjTAiiRK6rq6mcJyJV-9N257M6nQFRKGEcYr9uvgOV9VazpjQMXQ-Mj9V2B1W2S7f3E9X8BH4K8F3aGla_skmpCqXCtH9kenwJdnOsFOFEk8pmEe-oSrjo0BUrHwiP_K6iVoxOWnBImM9kJnsnTBvzYdCkDNw5vdYc5Um5nZOARAn68q-g35tv5eQecaXU1rbyDlPKilalP3bIh-lvzLmlLm3g/3y8/Sl0FrBIASqqsU5-1_AQOtA/h28/K6GhYBWmPY8dufuX9KzvmODV3Bm32BzFAR8yUrN69j8 HTTP 302
https://support.theguardian.com/contribute?utm_source=eml&utm_medium=emedt&utm_campaign=bestofguardianopinionus&utm_content=Front_CNJuly23GeorgeMonbiotFoodSystemsAcq&CMP_TU=mawns&CMP_BUNIT=edtrl&utm_term=64c2e1d943fcfdaffd34611a202b3d1b HTTP 302
https://support.theguardian.com/eu/contribute?utm_source=eml&CMP_BUNIT=edtrl&utm_content=Front_CNJuly23GeorgeMonbiotFoodSystemsAcq&utm_campaign=bestofguardianopinionus&utm_medium=emedt&utm_term=64c2e1d943fcfdaffd34611a202b3d1b&CMP_TU=mawns HTTP 303
https://support.theguardian.com/oauth/authorize HTTP 303
https://profile.theguardian.com/oauth2/aus3xgj525jYQRowl417/v1/authorize?state=phOgzQeQZNn4D6Nb4ufvaJNdqmUHi1Wq&scope=openid+profile+email+id_token.profile.support+guardian.members-data-api.read.self+guardian.members-data-api.complete.read.self.secure&client_id=0oa79m3ecvbJXDSqg417&code_challenge=OSitZgMLvD40seHtKqPYcSQoaLDu1OxwXWXC_VVvL_o&code_challenge_method=S256&response_type=code&prompt=none&redirect_uri=https%3A%2F%2Fsupport.theguardian.com%2Foauth%2Fcallback HTTP 302
https://support.theguardian.com/oauth/callback?state=phOgzQeQZNn4D6Nb4ufvaJNdqmUHi1Wq&error=login_required&error_description=The+client+specified+not+to+prompt%2C+but+the+user+is+not+logged+in. HTTP 303
https://support.theguardian.com/eu/contribute?utm_source=eml&CMP_BUNIT=edtrl&utm_content=Front_CNJuly23GeorgeMonbiotFoodSystemsAcq&utm_campaign=bestofguardianopinionus&utm_medium=emedt&utm_term=64c2e1d943fcfdaffd34611a202b3d1b&CMP_TU=mawns Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

98 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request contribute Show response
support.theguardian.com/eu/
Redirect Chain

https://ablink.editorial.theguardian.com/ss/c/CBTDA9A8ekKRGj7WM2dV3mGTtSlwGUtU4W_nXP2YhnTxuFOan4J9KkQ2lZC0MirRrEuWUzuwIxpbfYMy9kj4G1durHvZmndtK8RtLXostMXtJXCrB7jMtpptTVZLXjTAiiRK6rq6mcJyJV-9N257M6n...
https://support.theguardian.com/contribute?utm_source=eml&utm_medium=emedt&utm_campaign=bestofguardianopinionus&utm_content=Front_CNJuly23GeorgeMonbiotFoodSystemsAcq&CMP_TU=mawns&CMP_BUNIT=edtrl&ut...
https://support.theguardian.com/eu/contribute?utm_source=eml&CMP_BUNIT=edtrl&utm_content=Front_CNJuly23GeorgeMonbiotFoodSystemsAcq&utm_campaign=bestofguardianopinionus&utm_medium=emedt&utm_term=64c...
https://support.theguardian.com/oauth/authorize
https://profile.theguardian.com/oauth2/aus3xgj525jYQRowl417/v1/authorize?state=phOgzQeQZNn4D6Nb4ufvaJNdqmUHi1Wq&scope=openid+profile+email+id_token.profile.support+guardian.members-data-api.read.se...
https://support.theguardian.com/oauth/callback?state=phOgzQeQZNn4D6Nb4ufvaJNdqmUHi1Wq&error=login_required&error_description=The+client+specified+not+to+prompt%2C+but+the+user+is+not+logged+in.
https://support.theguardian.com/eu/contribute?utm_source=eml&CMP_BUNIT=edtrl&utm_content=Front_CNJuly23GeorgeMonbiotFoodSystemsAcq&utm_campaign=bestofguardianopinionus&utm_medium=emedt&utm_term=64c...

829 KB
238 KB

145ms
144ms

Document
text/html

151.101.1.111
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://support.theguardian.com/eu/contribute?utm_source=eml&CMP_BUNIT=edtrl&utm_content=Front_CNJuly23GeorgeMonbiotFoodSystemsAcq&utm_campaign=bestofguardianopinionus&utm_medium=emedt&utm_term=64c2e1d943fcfdaffd34611a202b3d1b&CMP_TU=mawns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.111 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

503532574ae2a4ee4a9dc800e3afa8df60956da07c7f25993765369f67700e18

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://gnmtouchpoint--c.eu31.visual.force.com https://gnmtouchpoint.lightning.force.com https://www.theguardian.com https://gnmtouchpoint--c.vf.force.com; object-src 'none'; base-uri 'none'; default-src 'self' https://ccpa-pm.sp-prod.net https://cdn.privacy-mgmt.com https://gdpr-tcfv2.sp-prod.net https://ccpa-service.sp-prod.net https://ccpa-notice.sp-prod.net https://sourcepoint.theguardian.com https://ccpa.sp-prod.net https://services.postcodeanywhere.co.uk https://stripe-intent.support.guardianapis.com members-data-api.theguardian.com metric-push-api-prod.support.guardianapis.com www.paypalobjects.com www.paypal.com t.paypal.com www.sandbox.paypal.com js.stripe.com https://payments.amazon.com https://payments-sandbox.amazon.com https://coin.amazonpay.com https://api-cdn.amazon.com static-na.payments-amazon.com ophan.theguardian.com j.ophan.co.uk media.guim.co.uk uploads.guim.co.uk www.google-analytics.com www.googletagmanager.com tagmanager.google.com assets.guim.co.uk www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk static.ads-twitter.com bat.bing.com bid.g.doubleclick.net t.co analytics.twitter.com stats.g.doubleclick.net www.youtube-nocookie.com connect.facebook.net www.facebook.com checkout.stripe.com fonts.googleapis.com ssl.gstatic.com www.gstatic.com fonts.gstatic.com sentry.io *.quantummetric.com blob: data: wss: 'unsafe-inline' q.stripe.com payment.guardianapis.com https://interactive.guim.co.uk/ https://www.theguardian.com/ https://theguardian.com/
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache, private
content-encoding: gzip
content-length: 243212
content-security-policy: frame-ancestors https://gnmtouchpoint--c.eu31.visual.force.com https://gnmtouchpoint.lightning.force.com https://www.theguardian.com https://gnmtouchpoint--c.vf.force.com; object-src 'none'; base-uri 'none'; default-src 'self' https://ccpa-pm.sp-prod.net https://cdn.privacy-mgmt.com https://gdpr-tcfv2.sp-prod.net https://ccpa-service.sp-prod.net https://ccpa-notice.sp-prod.net https://sourcepoint.theguardian.com https://ccpa.sp-prod.net https://services.postcodeanywhere.co.uk https://stripe-intent.support.guardianapis.com members-data-api.theguardian.com metric-push-api-prod.support.guardianapis.com www.paypalobjects.com www.paypal.com t.paypal.com www.sandbox.paypal.com js.stripe.com https://payments.amazon.com https://payments-sandbox.amazon.com https://coin.amazonpay.com https://api-cdn.amazon.com static-na.payments-amazon.com ophan.theguardian.com j.ophan.co.uk media.guim.co.uk uploads.guim.co.uk www.google-analytics.com www.googletagmanager.com tagmanager.google.com assets.guim.co.uk www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk static.ads-twitter.com bat.bing.com bid.g.doubleclick.net t.co analytics.twitter.com stats.g.doubleclick.net www.youtube-nocookie.com connect.facebook.net www.facebook.com checkout.stripe.com fonts.googleapis.com ssl.gstatic.com www.gstatic.com fonts.gstatic.com sentry.io *.quantummetric.com blob: data: wss: 'unsafe-inline' q.stripe.com payment.guardianapis.com https://interactive.guim.co.uk/ https://www.theguardian.com/ https://theguardian.com/
content-type: text/html; charset=UTF-8
date: Sun, 30 Jul 2023 06:16:38 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
strict-transport-security: max-age=31557600
vary: Accept-Encoding,Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only
x-served-by: cache-fra-etou8220050-FRA
x-timer: S1690697798.985008,VS0,VE138
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
content-security-policy: frame-ancestors https://gnmtouchpoint--c.eu31.visual.force.com https://gnmtouchpoint.lightning.force.com https://www.theguardian.com https://gnmtouchpoint--c.vf.force.com; object-src 'none'; base-uri 'none'; default-src 'self' https://ccpa-pm.sp-prod.net https://cdn.privacy-mgmt.com https://gdpr-tcfv2.sp-prod.net https://ccpa-service.sp-prod.net https://ccpa-notice.sp-prod.net https://sourcepoint.theguardian.com https://ccpa.sp-prod.net https://services.postcodeanywhere.co.uk https://stripe-intent.support.guardianapis.com members-data-api.theguardian.com metric-push-api-prod.support.guardianapis.com www.paypalobjects.com www.paypal.com t.paypal.com www.sandbox.paypal.com js.stripe.com https://payments.amazon.com https://payments-sandbox.amazon.com https://coin.amazonpay.com https://api-cdn.amazon.com static-na.payments-amazon.com ophan.theguardian.com j.ophan.co.uk media.guim.co.uk uploads.guim.co.uk www.google-analytics.com www.googletagmanager.com tagmanager.google.com assets.guim.co.uk www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk static.ads-twitter.com bat.bing.com bid.g.doubleclick.net t.co analytics.twitter.com stats.g.doubleclick.net www.youtube-nocookie.com connect.facebook.net www.facebook.com checkout.stripe.com fonts.googleapis.com ssl.gstatic.com www.gstatic.com fonts.gstatic.com sentry.io *.quantummetric.com blob: data: wss: 'unsafe-inline' q.stripe.com payment.guardianapis.com https://interactive.guim.co.uk/ https://www.theguardian.com/ https://theguardian.com/
date: Sun, 30 Jul 2023 06:16:37 GMT
location: /eu/contribute?utm_source=eml&CMP_BUNIT=edtrl&utm_content=Front_CNJuly23GeorgeMonbiotFoodSystemsAcq&utm_campaign=bestofguardianopinionus&utm_medium=emedt&utm_term=64c2e1d943fcfdaffd34611a202b3d1b&CMP_TU=mawns
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
strict-transport-security: max-age=31557600
vary: Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only
x-served-by: cache-fra-etou8220050-FRA
x-timer: S1690697798.875521,VS0,VE101
x-xss-protection: 1; mode=block

GET
H2 200 polyfill.min.js Show response
assets.guim.co.uk/polyfill.io/v3/ 165 B
921 B 57ms
56ms Script
text/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/polyfill.io/v3/polyfill.min.js?rum=0&features=es6,es7,es2017,es2018,es2019,default-3.6,HTMLPictureElement,IntersectionObserver,IntersectionObserverEntry,fetch,NodeList.prototype.forEach,ResizeObserver&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1

Requested by

Host: support.theguardian.com
URL: https://support.theguardian.com/eu/contribute?utm_source=eml&CMP_BUNIT=edtrl&utm_content=Front_CNJuly23GeorgeMonbiotFoodSystemsAcq&utm_campaign=bestofguardianopinionus&utm_medium=emedt&utm_term=64c2e1d943fcfdaffd34611a202b3d1b&CMP_TU=mawns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8cc976057d7908db684c2cbfad74dca2dd3847d35f93b98e9daa0579d8a661be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 varnish
age: 324436
detected-user-agent: Chrome/115.0.0
x-cache: HIT
x-gu-debug-url: /v3/polyfill.min.js?rum=0&features=es6,es7,es2017,es2018,es2019,default-3.6,HTMLPictureElement,IntersectionObserver,IntersectionObserverEntry,fetch,NodeList.prototype.forEach,ResizeObserver&flags=gated&callback=guardianPolyfilled&unknown=polyfill&cacheClear=1
useragent_normaliser: chrome/115.0.0
server-timing: HIT, fastly;desc="Edge time";dur=0
content-length: 148
x-served-by: cache-fra-eddf8230126-FRA
referrer-policy: origin-when-cross-origin
last-modified: Mon, 24 Jul 2023 22:12:52 GMT
x-timer: S1690697798.183074,VS0,VE2
fastly_service_version: 222
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/115.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 GuardianTextSans-Regular.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ 15 KB
16 KB 23ms
7ms Font
font/woff2 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bf672dbc2fe3d05096cb045691ec7a9dc00e3470458665d42d0b7aabd07bb990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://support.theguardian.com/
Origin: https://support.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: tKKp.XjpprpAViNnE3ezgGnqSJ6ReAZm
date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: QX6MPQ9B1KF9VNCX
age: 14653401
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Regular.woff2
fastly-restarts: 1
x-amz-id-2: 2IMiFjOmpJSDInCuVc2YVjXg5lUzKzS7jGRZXxDwo2oLG/x6iRuAXOm6YCbVFVkz7pTqlfT+sm1nwY4BDGdvZQ==
x-served-by: cache-fra-etou8220050-FRA
content-length: 15416
last-modified: Fri, 10 Feb 2023 15:45:12 GMT
server: AmazonS3
x-fonts-legal-notice: The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer: S1690697798.166605,VS0,VE0
etag: "5c9af23772b65de0d3f1fb8638c196b4"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1868

GET
H2 200 GuardianTextSans-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/ 17 KB
17 KB 25ms
8ms Font
font/woff2 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

46e089c7d79ff80fef01582ba8261d42728b78c345fdbe8d52199907498d280e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://support.theguardian.com/
Origin: https://support.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: Msu4H0RN5fNTmFpmsaDu.cipueaXmWBh
date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: RG4WTED645C0PCMB
age: 14653374
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/static/frontend/fonts/guardian-textsans/noalts-not-hinted/GuardianTextSans-Bold.woff2
fastly-restarts: 1
x-amz-id-2: cIzu7DCF6bzZOPlTK/XMsu5xdBebowa1Fl1IniIYF1LIYSpwBekkG9rztGs5qD2zQ6VtO2G7Izk=
x-served-by: cache-fra-etou8220050-FRA
content-length: 17376
last-modified: Fri, 10 Feb 2023 15:45:11 GMT
server: AmazonS3
x-fonts-legal-notice: The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer: S1690697798.166816,VS0,VE0
etag: "227b6e4f26bef19d8f2815f6097b7b7c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1945

GET
H2 200 GHGuardianHeadline-Bold.woff2
assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/ 16 KB
16 KB 24ms
8ms Font
font/woff2 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.guim.co.uk/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4fa602e0d446ee3148b06f2014cb08518660f936406251a05bbbcc6ea870cc9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://support.theguardian.com/
Origin: https://support.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: cZB.5DOXNYvF_6or5.utmjVZGw4SnT9B
date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: 0HEK4V2BJ0MW6EM0
age: 14653160
x-amz-server-side-encryption: AES256
x-cache: HIT
x-gu-debug-url: /PROD/frontend-static/static/frontend/fonts/guardian-headline/noalts-not-hinted/GHGuardianHeadline-Bold.woff2
fastly-restarts: 1
x-amz-id-2: yNU6+2y5E5LRTAykGGqN2M80xp7G6By5O4qVx/5lStPkEWDQSWTBJeR5z4NU7cjgyd7Uu7/J/tA=
x-served-by: cache-fra-etou8220050-FRA
content-length: 16492
last-modified: Fri, 10 Feb 2023 15:45:10 GMT
server: AmazonS3
x-fonts-legal-notice: The displayed fonts and associated software are the exclusive property of Schwartzco Inc (trading as Commercial Type). Reproduction or further transmission of all or part of the fonts, or use of the associated software, without written permission of Commercial Type is prohibited. By displaying the fonts, no permission or sub-licence is granted by Guardian News & Media Limited for use of the fonts by third parties.
x-timer: S1690697798.166805,VS0,VE0
etag: "f5d54732577509c40f5a5a47f47aeab5"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1831

GET
H2 200 249.1809d28085a6b2155497.js Show response
support.theguardian.com/assets/webpack/ 70 KB
21 KB 7ms
7ms Script
application/javascript 151.101.1.111
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://support.theguardian.com/assets/webpack/249.1809d28085a6b2155497.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.111 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

115ab01058233756fb55c92562e2d3657083d98315dcc6d23fdd282042e2d917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/eu/contribute?utm_source=eml&CMP_BUNIT=edtrl&utm_content=Front_CNJuly23GeorgeMonbiotFoodSystemsAcq&utm_campaign=bestofguardianopinionus&utm_medium=emedt&utm_term=64c2e1d943fcfdaffd34611a202b3d1b&CMP_TU=mawns
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
x-amz-request-id: 5G2J2TGFABK37VX8
age: 1312450
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 20767
x-amz-id-2: +JB7BZW3dqPAUTp5GV/NyhN86YRnU3ZuexZsWuG88X9yeWEKwXwqd9XjUMWrWR5ABNmKIJef8E4=
x-served-by: cache-fra-etou8220050-FRA
last-modified: Fri, 14 Jul 2023 11:03:48 GMT
server: AmazonS3
x-timer: S1690697798.249329,VS0,VE1
etag: "7fb2facb0d6ed6d5b5bd3f77ba8a46db"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
sourcepoint.theguardian.com/unified/ 123 KB
38 KB 12ms
11ms Script
text/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dc08e3ae4d5ca5ceacf0011a84234111b2d5f7bdf186d030ffa3d817aa6cdf42

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
content-encoding: gzip
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: FRA2-C2
age: 2882
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, MISS
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Thu, 29 Jun 2023 14:26:14 GMT
server: AmazonS3
x-timer: S1690697798.360366,VS0,VE1
etag: W/"e36c82b92b946b2bfb7ac57e109ff6fd"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 9txyThw00I3H0LOAxywNFZGdSo61XCT7XR4HfuNIyI452c0A5f3yUQ==
x-cache-hits: 0

GET
H2 204 1
ophan.theguardian.com/img/ 0
485 B 126ms
31ms Image
text/plain 63.35.46.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/1?v=16&platform=support&url=https%3A%2F%2Fsupport.theguardian.com%2Feu%2Fcontribute%3Futm_source%3Deml%26CMP_BUNIT%3Dedtrl%26utm_content%3DFront_CNJuly23GeorgeMonbiotFoodSystemsAcq%26utm_campaign%3Dbestofguardianopinionus%26utm_medium%3Demedt%26utm_term%3D64c2e1d943fcfdaffd34611a202b3d1b%26CMP_TU%3Dmawns&ref=&visibilityState=visible&tz=0&viewId=lkp1te90zxyvkn52hxjc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.46.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-46-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 204 2
ophan.theguardian.com/img/ 0
216 B 124ms
30ms Image
text/plain 63.35.46.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=lkp1te90zxyvkn52hxjc&abTestRegister=%7B%222023-07-21_SUPPORTER_AMOUNTS_R7__EU%22%3A%7B%22variantName%22%3A%22CONTROL%22%2C%22complete%22%3Afalse%2C%22campaignCodes%22%3A%5B%5D%7D%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.46.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-46-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 500.png
media.guim.co.uk/a91ad6fb3f034f44b32b11ee8c8e042844702c01/0_0_1170_681/ 42 KB
42 KB 21ms
17ms Image
image/png 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.guim.co.uk/a91ad6fb3f034f44b32b11ee8c8e042844702c01/0_0_1170_681/500.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1696fc2eacf6badbdc1749d12f46d253a74e0af05b4135bf9a82f04d1ed806b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600040-LCY, cache-lcy-eglc8600040-LCY, cache-fra-eddf8230126-FRA, cache-fra-eddf8230126-FRA
date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31536000
last-modified: Wed, 09 Nov 2022 15:55:17 GMT
server: AmazonS3
age: 1233812
x-timer: S1690697798.432975,VS0,VS0,VE2
etag: "ba12678deee276314dab6e8fa460ed00"
x-cache: HIT, HIT, HIT, HIT
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 43113
x-cache-hits: 1955, 1955, 1, 1

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 77ms
30ms Image
text/plain 63.35.46.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=lkp1te90zxyvkn52hxjc&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_OTHER%22%2C%22id%22%3A%22payment-method-selector-Sepa%22%7D%2C%22action%22%3A%22INSERT%22%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.46.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-46-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 77ms
30ms Image
text/plain 63.35.46.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.46.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-46-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 76ms
30ms Image
text/plain 63.35.46.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.46.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-46-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 77ms
31ms Image
text/plain 63.35.46.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=lkp1te90zxyvkn52hxjc&attentionMs=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.46.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-46-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 v3 Show response
js.stripe.com/ 517 KB
144 KB 50ms
9ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3?advancedFraudSignals=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c15f2e9f10c541ddf02ec366f35d3efb1f3eff9b156fb40941b2042fa8e00af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 varnish
age: 53
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146973
x-request-id: e5fa88b8-a7d2-4433-b376-74c95f8a8347
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Fri, 28 Jul 2023 20:46:45 GMT
server: Fastly
etag: "72c2078aa42f433e3136169de90168e4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H2 200 gdpr-tcf.04abc9c12f5845f5ba5b.bundle.js Show response
sourcepoint.theguardian.com/unified/4.10.1/ 86 KB
19 KB 11ms
9ms Script
text/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/unified/4.10.1/gdpr-tcf.04abc9c12f5845f5ba5b.bundle.js

Requested by

Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

74889fe974fb778a8fc0ab224e1fe77e3ff23cbdeb785d8d4aeca50331e80c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
content-encoding: gzip
via: 1.1 debe291145dc27044f50d04bac101cd8.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: FRA2-C2
age: 45216
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, MISS
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Wed, 28 Jun 2023 17:46:08 GMT
server: AmazonS3
x-timer: S1690697799.508372,VS0,VE2
etag: W/"7ba347f99e637b198f4edf955b434738"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: tFWUtfBjBkRdySr5vsDrstM13qbXOAXmVp8pLRwFjS1rgoaN9WL5MA==
x-cache-hits: 0

GET
H2 200 get_site_data Show response
sourcepoint.theguardian.com/mms/v2/ 207 B
597 B 17ms
17ms XHR
application/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fsupport.theguardian.com%2Feu%2Fcontribute&account_id=1257

Requested by

Host: support.theguardian.com
URL: https://support.theguardian.com/assets/webpack/249.1809d28085a6b2155497.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

11c18a946d974537076fea01010eb8c57b94c8e17727ef817b89e69c40ec999c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 b03c46754456cd1729ff37c2faafd4ec.cloudfront.net (CloudFront), 1.1 varnish
x-sp-mms-node: ip-10-128-37-144
strict-transport-security: max-age=300
x-amz-cf-pop: ZRH55-P1
age: 81062
x-cache: Hit from cloudfront, MISS
x-served-by: cache-fra-etou8220050-FRA
x-timer: S1690697799.508037,VS0,VE10
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=86400
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: c957rhQ7o_Tagl281roUT6o1588dL4FB0Cw-dEkcebGEyrDt51fGcA==
x-cache-hits: 0

OPTIONS
H2 200 meta-data
sourcepoint.theguardian.com/wrapper/v2/ Frame 0
0 17ms
17ms Preflight
text/plain 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/wrapper/v2/meta-data?hasCsp=true&accountId=1257&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=7417&ch=null&scriptVersion=4.10.1&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://support.theguardian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 18130
cache-control: max-age=86400, s-maxage=86400
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 30 Jul 2023 06:16:38 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 b03c46754456cd1729ff37c2faafd4ec.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id: hcY6CmeZ9aIGGP7nkCc67HRbGmOndrl0Ozj-gMZrsCamRdRKv66GCA==
x-amz-cf-pop: ZRH55-P1
x-cache: Hit from cloudfront, MISS
x-cache-hits: 0
x-powered-by: Express
x-served-by: cache-fra-etou8220050-FRA
x-timer: S1690697799.531171,VS0,VE10

GET
H2 200 meta-data Show response
sourcepoint.theguardian.com/wrapper/v2/ 226 B
528 B 22ms
21ms XHR
application/json 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/wrapper/v2/meta-data?hasCsp=true&accountId=1257&env=prod&metadata=%7B%22gdpr%22%3A%7B%7D%7D&propertyId=7417&ch=null&scriptVersion=4.10.1&scriptType=unified

Requested by

Host: support.theguardian.com
URL: https://support.theguardian.com/assets/webpack/249.1809d28085a6b2155497.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

88ce1e930ace8587b0514ffdd9ab9400b7368d68c27aa85e36c594596ee958cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://support.theguardian.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 fec5e83bcae9ab1295b776b3f64183d0.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: ZRH55-P1
age: 27
x-powered-by: Express
x-cache: Hit from cloudfront, MISS
content-length: 226
x-served-by: cache-fra-etou8220050-FRA
x-timer: S1690697799.548687,VS0,VE9
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=3600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: hCb132lIaL0kOuvpl398YqK2Tf8CiCR-DlBAYdUdHwTKYYtVriTWag==
x-cache-hits: 0

OPTIONS
H2 200 messages
sourcepoint.theguardian.com/wrapper/v2/ Frame 0
0 17ms
17ms Preflight
text/plain 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1257%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%22framework%22%3A%22tcfv2%22%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.theguardian.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fsupport.theguardian.com%2Feu%2Fcontribute%22%7D&localState=null&metadata=%7B%22gdpr%22%3A%7B%22applies%22%3Atrue%7D%7D&nonKeyedLocalState=null&ch=426921557426921557fda1&scriptVersion=4.10.1&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://support.theguardian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 73511
cache-control: max-age=86400, s-maxage=86400
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 30 Jul 2023 06:16:38 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 fec5e83bcae9ab1295b776b3f64183d0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id: F4zGrVZStoNF6eZGje4P90dRzMbLH7Av3h_VOCr-djEAW2bzZo3bYg==
x-amz-cf-pop: ZRH55-P1
x-cache: Hit from cloudfront, MISS
x-cache-hits: 0
x-powered-by: Express
x-served-by: cache-fra-etou8220050-FRA
x-timer: S1690697799.597661,VS0,VE11

GET
H2 200 messages Show response
sourcepoint.theguardian.com/wrapper/v2/ 77 KB
10 KB 26ms
25ms XHR
application/json 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: support.theguardian.com
URL: https://support.theguardian.com/assets/webpack/249.1809d28085a6b2155497.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

a8bd068d8a3e8db509fff17cecbd1e5a750b6854d5a36450b6c05e789d31ee19

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://support.theguardian.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
content-encoding: gzip
via: 1.1 b50b0f4274b74414c7dcdb544e6090a2.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: ZRH55-P1
age: 212
x-powered-by: Express
x-cache: Hit from cloudfront, MISS
x-served-by: cache-fra-etou8220050-FRA
x-timer: S1690697799.616830,VS0,VE18
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=1200
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: -yb4I_CA1QY4JNFDvpqnRDXaZ9AcIBCOAVGxiKQMjAuGn8UjQ_Ybnw==
x-cache-hits: 0

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 30ms
30ms Image
text/plain 63.35.46.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=lkp1te90zxyvkn52hxjc&performance=%7B%22dns%22%3A0%2C%22connection%22%3A0%2C%22firstByte%22%3A145%2C%22lastByte%22%3A76%2C%22domContentLoadedEvent%22%3A263%2C%22loadEvent%22%3A130%2C%22navType%22%3A0%2C%22redirectCount%22%3A0%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.46.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-46-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 controller-daf32eee991b305995e20cbb3e9aabe0.html Show response
js.stripe.com/v3/ Frame 6AC7 325 B
712 B 8ms
8ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-daf32eee991b305995e20cbb3e9aabe0.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3?advancedFraudSignals=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

52af8f7fe794bad35294330a3e23152e9f4b2b111d944e285c084382f3812abb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.theguardian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 19
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 30 Jul 2023 06:16:38 GMT
etag: "daf32eee991b305995e20cbb3e9aabe0"
last-modified: Fri, 28 Jul 2023 20:17:06 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: 7d330e5c-e419-41a4-b20a-7909b90dd67d
x-served-by: cache-fra-eddf8230085-FRA

GET
H3 200 payment-request-inner-google-pay-67fc14ae773342189b3e5b49b17c6fe1.html Show response
js.stripe.com/v3/ Frame 2672 408 B
1 KB 13ms
12ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-67fc14ae773342189b3e5b49b17c6fe1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3?advancedFraudSignals=false

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e01ffcb53926f928a21b0380554f401589a983934ebf512fe97d56516dd44adc

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.theguardian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 122187
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 30 Jul 2023 06:16:38 GMT
etag: "67fc14ae773342189b3e5b49b17c6fe1"
last-modified: Fri, 28 Jul 2023 20:17:20 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 959
x-content-type-options: nosniff
x-request-id: a2de18de-02d5-489e-945b-3cb884699002
x-served-by: cache-fra-eddf8230098-FRA

GET
H3 200 payment-request-inner-browser-26f2a9b23618bb103b49e5a671e4e750.html Show response
js.stripe.com/v3/ Frame C4FB 344 B
1 KB 11ms
10ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-26f2a9b23618bb103b49e5a671e4e750.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3?advancedFraudSignals=false

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0d91987cbf64990414e1741cbb74a6dd6e0c5a1c1d93ffb87913ea5fe127ff0d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.theguardian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 56
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60
content-encoding: br
content-length: 203
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 30 Jul 2023 06:16:38 GMT
etag: "26f2a9b23618bb103b49e5a671e4e750"
last-modified: Fri, 28 Jul 2023 20:17:20 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 2c5005ad-eb9d-4b56-9d94-9679ad4f65d5
x-served-by: cache-fra-eddf8230098-FRA

GET
H3 200 shared-eb9510301ede3ebc27b12f19fa9959f5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6AC7 518 KB
130 KB 15ms
15ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-daf32eee991b305995e20cbb3e9aabe0.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a6e30f9401e3757562da9f88f23fddffb1ebf15d763fb1bd5f17e6c124a70619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-daf32eee991b305995e20cbb3e9aabe0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 varnish
age: 122263
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 132680
x-request-id: 9e9dac11-63f5-4032-a892-12d974091fbb
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Fri, 28 Jul 2023 20:17:19 GMT
server: Fastly
etag: "e21b3f1f4410ae8a44a3d7ade42d347f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1334

GET
H3 200 controller-d3263f2fb4285124da22047f14bdcf8f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6AC7 499 KB
136 KB 39ms
39ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-d3263f2fb4285124da22047f14bdcf8f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-daf32eee991b305995e20cbb3e9aabe0.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a9da6174b208addd28b10c47c6872654ecb404cd827b830afe16cb405e0f70eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-daf32eee991b305995e20cbb3e9aabe0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 varnish
age: 122263
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 139202
x-request-id: 275d673c-c22a-487a-8415-e478ef94c601
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Fri, 28 Jul 2023 20:17:16 GMT
server: Fastly
etag: "7bfbcdc8e23e0ac80011407dfe6cb1da"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1189

OPTIONS
H2 200 pv-data
sourcepoint.theguardian.com/wrapper/v2/ Frame 0
0 278ms
277ms Preflight
text/html 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=426921557426921557fda1&scriptVersion=4.10.1&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://support.theguardian.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://support.theguardian.com
allow: POST
cache-control: no-cache, no-store
content-length: 4
content-type: text/html; charset=utf-8
date: Sun, 30 Jul 2023 06:16:38 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 b50b0f4274b74414c7dcdb544e6090a2.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id: 8XWSXSLrCvYkj9BwMS7PG5jzAIGoomK1I4aXwDE5M6lB1vbEVHwMWQ==
x-amz-cf-pop: ZRH55-P1
x-cache: Miss from cloudfront, MISS
x-cache-hits: 0
x-powered-by: Express
x-served-by: cache-fra-etou8220050-FRA
x-timer: S1690697799.673319,VS0,VE18

POST
H2 200 pv-data Show response
sourcepoint.theguardian.com/wrapper/v2/ 194 B
472 B 29ms
29ms XHR
application/json 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=426921557426921557fda1&scriptVersion=4.10.1&scriptType=unified

Requested by

Host: support.theguardian.com
URL: https://support.theguardian.com/assets/webpack/249.1809d28085a6b2155497.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

feeee4affe0ef6edae6471cfe0a35971321bfefa4ad831f137ae1af05f09e2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://support.theguardian.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 fec5e83bcae9ab1295b776b3f64183d0.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: ZRH55-P1
x-powered-by: Express
x-cache: Miss from cloudfront, MISS
content-length: 194
x-served-by: cache-fra-etou8220050-FRA
x-timer: S1690697799.939480,VS0,VE21
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://support.theguardian.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: yArtpYbeCRcHdF53HNqIO4SXZ3vByxBIO9zF8B3xTmSODM0EjcEQ4g==
x-cache-hits: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 2672 118 KB
36 KB 146ms
62ms Script
application/javascript 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-67fc14ae773342189b3e5b49b17c6fe1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

469ebc7cb7b6fc444f361c5f9c32ae62238855ce728f4786f92326accd69b9d3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-HUauXaaIUyH6eOS6bKJiTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-HUauXaaIUyH6eOS6bKJiTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 30 Jul 2023 06:16:38 GMT

GET
H3 200 shared-eb9510301ede3ebc27b12f19fa9959f5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2672 518 KB
130 KB 12ms
12ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-67fc14ae773342189b3e5b49b17c6fe1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a6e30f9401e3757562da9f88f23fddffb1ebf15d763fb1bd5f17e6c124a70619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-67fc14ae773342189b3e5b49b17c6fe1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 varnish
age: 122263
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 132680
x-request-id: e902933c-d593-4b92-aec2-69f3e945dc75
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Fri, 28 Jul 2023 20:17:19 GMT
server: Fastly
etag: "e21b3f1f4410ae8a44a3d7ade42d347f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1335

GET
H3 200 payment-request-inner-google-pay-f708febb2c3bfb05a286ddc88e6d2143.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2672 10 KB
4 KB 8ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-f708febb2c3bfb05a286ddc88e6d2143.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-67fc14ae773342189b3e5b49b17c6fe1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

582f83b00f967c6a8c2c10fd9791f7befec6c945e92cb74fe2c2c3455fea4301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-67fc14ae773342189b3e5b49b17c6fe1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 varnish
age: 382060
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4170
x-request-id: 92ed4ec2-474a-4fa1-a303-f8e9424da6d7
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Tue, 25 Jul 2023 20:05:40 GMT
server: Fastly
etag: "06d594f6d0f8015f2a57b5d4eb5fcdb7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3333

GET
H3 200 shared-eb9510301ede3ebc27b12f19fa9959f5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C4FB 518 KB
130 KB 25ms
23ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-26f2a9b23618bb103b49e5a671e4e750.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a6e30f9401e3757562da9f88f23fddffb1ebf15d763fb1bd5f17e6c124a70619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-26f2a9b23618bb103b49e5a671e4e750.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 varnish
age: 122263
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 132680
x-request-id: 35195728-ed69-444f-9d4f-75cd48445db2
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Fri, 28 Jul 2023 20:17:19 GMT
server: Fastly
etag: "e21b3f1f4410ae8a44a3d7ade42d347f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1336

GET
H3 200 payment-request-inner-browser-60213628200f3cf52c380275976f0441.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C4FB 12 KB
5 KB 85ms
83ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-60213628200f3cf52c380275976f0441.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-26f2a9b23618bb103b49e5a671e4e750.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c90b93aefe3e302d14ecadafe3f8aa45b5f90db60d0d763d05650d205f518200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-26f2a9b23618bb103b49e5a671e4e750.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 30 Jul 2023 06:16:38 GMT
via: 1.1 varnish
age: 4095565
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4851
x-request-id: 33970a73-12fe-47b5-8708-3bb8f89cb678
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Mon, 12 Jun 2023 20:34:29 GMT
server: Fastly
etag: "7d273750df5052a69a1190dbf1228b5e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5233

GET
H2 200 index.html Show response
sourcepoint.theguardian.com/ Frame EF74 5 KB
2 KB 17ms
16ms Document
text/html 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/index.html?message_id=838362&consentUUID=null&requestUUID=af0ea5c3-14f5-4860-bd3b-3c47148e3c17&preload_message=true&hasCsp=true&version=v1

Requested by

Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8d314e7dfe09c736631cc704ffe6abf6c3bc6c2311efd829265611449cc6c8e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://support.theguardian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 453
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html
date: Sun, 30 Jul 2023 06:16:38 GMT
etag: W/"fc9732b173fdfc12851718a0e6c284b9"
last-modified: Thu, 20 Jul 2023 18:05:52 GMT
server: AmazonS3
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 debe291145dc27044f50d04bac101cd8.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-id: cfDZlvLaysP66g8aFG2uUr0sqKxTmNmi-JkPLFOu-bez2usMhAqj-A==
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230126-FRA
x-timer: S1690697799.704249,VS0,VE2

POST
H2 200 csp-report
q.stripe.com/ Frame 6AC7 0
718 B 562ms
177ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1690697799180171
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1690697799179626
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 6AC7 474 B
623 B 23ms
8ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c32bd72ceab72f6a641a53861cfab8a3b375632889e78530c0ec06ebc7375b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-daf32eee991b305995e20cbb3e9aabe0.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 51
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 297
x-request-id: 19fb90a3-4511-4da4-9048-3379f7b4e4c0
x-served-by: cache-fra-eddf8230037-FRA
last-modified: Fri, 28 Jul 2023 20:48:14 GMT
server: Fastly
etag: "a8445d870e7a623cc1a252bb86ca23be"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10

GET
H2 200 Notice.96c9d.css
sourcepoint.theguardian.com/ Frame EF74 33 KB
6 KB 18ms
14ms Stylesheet
text/css 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/Notice.96c9d.css

Requested by

Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/index.html?message_id=838362&consentUUID=null&requestUUID=af0ea5c3-14f5-4860-bd3b-3c47148e3c17&preload_message=true&hasCsp=true&version=v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4a4517ca1110c79a55e39e737a3b21e0401908f932658bb6a90e09e29abe4b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sourcepoint.theguardian.com/index.html?message_id=838362&consentUUID=null&requestUUID=af0ea5c3-14f5-4860-bd3b-3c47148e3c17&preload_message=true&hasCsp=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
content-encoding: gzip
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: FRA2-C2
age: 2975
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, MISS
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Thu, 20 Jul 2023 18:05:52 GMT
server: AmazonS3
x-timer: S1690697799.764257,VS0,VE1
etag: W/"85b79a297c63f7ae734ccb4dbbf4a3b6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: IH28zjBZvadY_IyHp-CrJXfEIp3zEZdct-MShb-hHsoOV1UDRBm37A==
x-cache-hits: 0

GET
H2 200 polyfills.d36c5.js Show response
sourcepoint.theguardian.com/ Frame EF74 5 KB
2 KB 18ms
14ms Script
text/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/polyfills.d36c5.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sourcepoint.theguardian.com/index.html?message_id=838362&consentUUID=null&requestUUID=af0ea5c3-14f5-4860-bd3b-3c47148e3c17&preload_message=true&hasCsp=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
content-encoding: gzip
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: FRA2-C2
age: 2877
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, MISS
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Thu, 15 Jun 2023 17:22:18 GMT
server: AmazonS3
x-timer: S1690697799.767006,VS0,VE1
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: Q1kOdMJDR6fLGuHpULgJgcxUE0SfAD-0v712b7rp_tV2vDZ6QZjgDA==
x-cache-hits: 0

GET
H2 200 Notice.8f9a5.js Show response
sourcepoint.theguardian.com/ Frame EF74 263 KB
70 KB 19ms
14ms Script
text/javascript 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theguardian.com/Notice.8f9a5.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

68f16f8ec1672ee0e20912b6a4967840eb5a3a329121fdb4aa985def4363d9a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sourcepoint.theguardian.com/index.html?message_id=838362&consentUUID=null&requestUUID=af0ea5c3-14f5-4860-bd3b-3c47148e3c17&preload_message=true&hasCsp=true&version=v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
content-encoding: gzip
via: 1.1 debe291145dc27044f50d04bac101cd8.cloudfront.net (CloudFront), 1.1 varnish
strict-transport-security: max-age=300
x-amz-cf-pop: FRA2-C2
age: 73
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, MISS
x-served-by: cache-fra-eddf8230126-FRA
last-modified: Thu, 20 Jul 2023 18:05:52 GMT
server: AmazonS3
x-timer: S1690697799.766996,VS0,VE3
etag: W/"cb6488e8a544b39dfe23aadd351c6b0e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: me1FCpbacKxd9AEYWuzDcFTnfRHpYZonnqdASaV22HPfQl_YQk3JCA==
x-cache-hits: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 6AC7 1 KB
2 KB 317ms
228ms Fetch
application/json 18.202.131.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.202.131.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-202-131-124.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9e2e8ef2490e3b94ce340c314817894e1c21b82265e4ccceacd565ba40984e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 1378
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C4FB 0
718 B 644ms
349ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1690697799351570
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1690697799351230
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C4FB 0
718 B 645ms
349ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1690697799351453
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1690697799351188
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 722ms
351ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799442392
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799441903
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
275 B 721ms
350ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799442209
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799441906
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 727ms
357ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799444786
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799444226
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 723ms
352ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799444711
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799444189
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 724ms
354ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799444770
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799444253
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 724ms
354ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799444959
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799444314
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 736ms
366ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446503
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799446020
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 739ms
371ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446833
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799446091
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 734ms
365ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446653
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799446156
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 733ms
364ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446703
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799446186
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 746ms
378ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446863
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799446215
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 729ms
361ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446221
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799445763
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 725ms
357ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446302
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799445799
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 729ms
362ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446310
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799445594
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 745ms
378ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446702
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1690697799445979
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 732ms
365ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446597
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799445906
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 723ms
357ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446338
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799445846
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 741ms
376ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446410
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799445941
access-control-allow-credentials: true
content-length: 0

GET
H2 200 categories Show response
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame EF74 811 B
1 KB 57ms
11ms Fetch
application/json 18.66.147.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=7417&consentLanguage=en

Requested by

Host: sourcepoint.theguardian.com
URL: https://sourcepoint.theguardian.com/Notice.8f9a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-27.fra60.r.cloudfront.net

Software

Resource Hash

b047b450b7068a6c427ef87eaec1a200bb03b116e5c6b5ed043ce095cb2a8ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sourcepoint.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 05:43:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1992
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=0, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 811
x-amz-cf-id: XkcAI71XVWvczU15eemjSI2ZGhGIT5gaYGpJ9r_sxE-tXrS8CSHyyg==

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 30ms
30ms Image
text/plain 63.35.46.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=lkp1te90zxyvkn52hxjc&adUnitWasHidden=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.46.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-46-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:38 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame EF74 464 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4deb8b98e5ce51144ce980707d596608be453de89423be3addfcd9beeaf45086

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 GTGuardianTitlepiece-Bold.woff2
interactive.guim.co.uk/fonts/garnett/ Frame EF74 26 KB
26 KB 146ms
139ms Font
application/octet-stream 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://interactive.guim.co.uk/fonts/garnett/GTGuardianTitlepiece-Bold.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

edd12e6fa14355f432e7071326eb15fc600f3099ac0485a972cd2a80880c6d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sourcepoint.theguardian.com/
Origin: https://sourcepoint.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 30 Jul 2023 06:16:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: 2K3DFA5QEFXJHK48
age: 373088
x-cache: HIT
content-length: 26504
x-amz-id-2: QKE7yu8+QQM9XVFUJ5VIEXiHOviEOrFFDsTEtvvEB1ZlAhf9RZPeQ/FQI2iUiAy0kkeubryZViI=
x-served-by: cache-fra-etou8220050-FRA
last-modified: Wed, 18 Nov 2020 17:26:07 GMT
server: AmazonS3
x-timer: S1690697799.051721,VS0,VE0
etag: "ec26e97636dac18945f3a7ee4fd87032"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public,max-age=604800
x-amz-meta-creator: Cyberduck
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range
x-cache-hits: 3769

GET
H2 200 GuardianTextSansWeb-Regular.woff2
interactive.guim.co.uk/fonts/guss-webfonts/GuardianTextSansWeb/ Frame EF74 35 KB
35 KB 146ms
139ms Font
application/octet-stream 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://interactive.guim.co.uk/fonts/guss-webfonts/GuardianTextSansWeb/GuardianTextSansWeb-Regular.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fa2ee0bb51dae9640fe999becb0881b75f544a647068a208bcb2fec2146cd7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sourcepoint.theguardian.com/
Origin: https://sourcepoint.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: YAKBYQ1P8KTGK8XQ
age: 172216
x-cache: HIT
content-length: 35868
x-amz-id-2: +Whkeqyfmio9zI1X6TT6Z9VVAOnhvLrJ8UoRhKqh582jn4WANzR3YXDxlr4+KxJd5YO9BxSP0xw=
x-served-by: cache-fra-etou8220050-FRA
last-modified: Thu, 16 Aug 2018 16:27:39 GMT
server: AmazonS3
x-timer: S1690697799.051741,VS0,VE0
etag: "42edb0793116210cd6ee2fde2debe92f"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: max-age=302400
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range
x-cache-hits: 2348

GET
H2 200 GuardianTextSansWeb-Bold.woff2
interactive.guim.co.uk/fonts/guss-webfonts/GuardianTextSansWeb/ Frame EF74 39 KB
39 KB 146ms
138ms Font
application/octet-stream 2a04:4e42::367
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://interactive.guim.co.uk/fonts/guss-webfonts/GuardianTextSansWeb/GuardianTextSansWeb-Bold.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::367 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

98a6ba8081d2c2dd28a5c7b7efa6f80bf1e9ea513d5d77ecca6a699b21f7a2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sourcepoint.theguardian.com/
Origin: https://sourcepoint.theguardian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 30 Jul 2023 06:16:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: 6Y67XE8YER9EZJGM
age: 212103
x-cache: HIT
content-length: 39500
x-amz-id-2: PLHuyWUnSdv2p/b6mlj3+nsfDyMWOhhQIK/lPIh/VpH/Vpkdou3Ibcn+hzk8FpePtOt3G9a55kc=
x-served-by: cache-fra-etou8220050-FRA
last-modified: Thu, 16 Aug 2018 16:27:39 GMT
server: AmazonS3
x-timer: S1690697799.051712,VS0,VE0
etag: "7b29fbe222ef6f546085ef8cbc69a4e0"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: max-age=302400
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Range
x-cache-hits: 2372

POST
H2 200 csp-report
q.stripe.com/ Frame 2672 0
718 B 300ms
176ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1690697799180409
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1690697799179679
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2672 0
719 B 299ms
175ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1690697799179819
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1690697799179647
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 3AEB 18 KB
8 KB 75ms
75ms Document
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

438a74ae85495777d385c984188a351b5aa00d3974c84d7efd9841cd619f699a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CuaEjYLnP0KPlDOfrkRizQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-CuaEjYLnP0KPlDOfrkRizQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sun, 30 Jul 2023 06:16:39 GMT
expires: Sun, 30 Jul 2023 06:16:39 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 541ms
366ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446090
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799445663
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9pY16xcL1rA.es5.O/am=AGBs/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=... Frame 3AEB 160 KB
57 KB 41ms
8ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9pY16xcL1rA.es5.O/am=AGBs/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjVnkU7jjCODUU9Ue52C93IAmCfQg/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

077fee0256940e9d210e7a48fceb483ae84d345d5e7c923c73a509f3584dc5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 16:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57749
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 03:24:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 16:24:14 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 3AEB 2 KB
2 KB 119ms
118ms Other
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: support.theguardian.com
URL: https://support.theguardian.com/eu/contribute?utm_source=eml&CMP_BUNIT=edtrl&utm_content=Front_CNJuly23GeorgeMonbiotFoodSystemsAcq&utm_campaign=bestofguardianopinionus&utm_medium=emedt&utm_term=64c2e1d943fcfdaffd34611a202b3d1b&CMP_TU=mawns
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 441ms
370ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446059
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799445507
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 449ms
379ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799447007
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1690697799446364
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 431ms
364ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799445948
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799445444
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 443ms
378ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799447001
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799446253
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9pY16xcL1rA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.92g... Frame 3AEB 71 KB
26 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9pY16xcL1rA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.92gQLU_6w_Q.L.B1.O/am=AGBs/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriY6HW7slHPbnx0S6JhbvVEUmifhg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9pY16xcL1rA.es5.O/am=AGBs/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjVnkU7jjCODUU9Ue52C93IAmCfQg/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f61558cc746917016e2132097b2a5d92deed1aa5b9c1c63ee4b561e004420b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 16:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26468
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 00:24:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 16:57:40 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 3AEB 1 MB
354 KB 70ms
70ms XHR
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ccc748b9f6e1651cd42c1b05b958e1140e6c987d21ebb391ea4e99f34a7e171

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-PZW3sXdQ_Dl8a2zxAmaD_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-PZW3sXdQ_Dl8a2zxAmaD_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 30 Jul 2023 06:16:39 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9pY16xcL1rA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.92g... Frame 3AEB 10 KB
4 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9pY16xcL1rA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.92gQLU_6w_Q.L.B1.O/am=AGBs/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriY6HW7slHPbnx0S6JhbvVEUmifhg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc975ca911af8ca48c2d10da6fd855e271a17d1c6c1479a752ef69a69dfd8b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 16:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3951
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 00:24:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 16:57:40 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9pY16xcL1rA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.92g... Frame 3AEB 36 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.9pY16xcL1rA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.92gQLU_6w_Q.L.B1.O/am=AGBs/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriY6HW7slHPbnx0S6JhbvVEUmifhg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7582c4a381aea10105e06ebd854850185c1e0c7e7137666ff25464a1f4b2c11a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 16:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13827
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 00:24:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 16:57:40 GMT

POST
H3 200 log Show response
play.google.com/ Frame 3AEB 131 B
155 B 38ms
16ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Jul 2023 06:16:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 56ms
14ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 30 Jul 2023 06:16:39 GMT
expires: Sun, 30 Jul 2023 06:16:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3AEB 131 B
155 B 55ms
54ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Jul 2023 06:16:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 236ms
200ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 30 Jul 2023 06:16:39 GMT
expires: Sun, 30 Jul 2023 06:16:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3AEB 131 B
155 B 96ms
75ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Jul 2023 06:16:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 49ms
15ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 30 Jul 2023 06:16:39 GMT
expires: Sun, 30 Jul 2023 06:16:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3AEB 131 B
155 B 36ms
17ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Jul 2023 06:16:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 44ms
15ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 30 Jul 2023 06:16:39 GMT
expires: Sun, 30 Jul 2023 06:16:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3AEB 131 B
155 B 28ms
28ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Jul 2023 06:16:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 227ms
200ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 30 Jul 2023 06:16:39 GMT
expires: Sun, 30 Jul 2023 06:16:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3AEB 131 B
155 B 29ms
28ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Jul 2023 06:16:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 224ms
201ms Preflight
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 30 Jul 2023 06:16:39 GMT
expires: Sun, 30 Jul 2023 06:16:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 361ms
360ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446755
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799446306
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 361ms
360ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799447015
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799446444
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 356ms
356ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799446935
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799446442
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 357ms
357ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799447165
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1690697799446491
access-control-allow-credentials: true
content-length: 0

GET
H2 204 2
ophan.theguardian.com/img/ 0
215 B 30ms
30ms Image
text/plain 63.35.46.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ophan.theguardian.com/img/2?viewId=lkp1te90zxyvkn52hxjc&componentEvent=%7B%22component%22%3A%7B%22componentType%22%3A%22ACQUISITIONS_OTHER%22%2C%22id%22%3A%22StripePaymentRequestButton-PAY_NOW%22%7D%2C%22action%22%3A%22INSERT%22%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.46.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-46-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support.theguardian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:16:39 GMT
cache-control: no-cache, no-store
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 0 Show response
r.stripe.com/ Frame 6AC7 0
274 B 356ms
355ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-eb9510301ede3ebc27b12f19fa9959f5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 30 Jul 2023 06:16:39 GMT
x-stripe-server-envoy-start-time-us: 1690697799447115
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1690697799446542
access-control-allow-credentials: true
content-length: 0

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
support.theguardian.com/	1969-12-31 23:59:59	Name: GU_geo_country Value: DE
profile.theguardian.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: A2AC2A47D16B99745DF0F54902F17E6A
profile.theguardian.com/	1969-12-31 23:59:59	Name: t Value: default
profile.theguardian.com/	1970-01-20 23:14:17	Name: DT Value: DI10zr_QmdUTjGM4oucvF55fg
.theguardian.com/	1970-01-20 15:47:53	Name: GU_mvt_id Value: 720697
support.theguardian.com/	1969-12-31 23:59:59	Name: GU_support_csrf Value: 83f10e8d54fe9a0a67de5c4f9e7b11ae07241bcf-1690697798075-812afeb1bc6fc98374291430
.theguardian.com/	1970-01-20 13:48:22	Name: GU_country Value: DE
.theguardian.com/	1970-01-20 22:23:53	Name: bwid Value: idFromPV_89vsDrBf-r3gNI_sCCK5Bw
.theguardian.com/	1970-01-20 22:23:53	Name: bwid_withoutSameSiteForIncompatibleClients Value: idFromPV_89vsDrBf-r3gNI_sCCK5Bw
.google.com/	1970-01-20 18:01:48	Name: NID Value: 511=aK2uxHU7npR_e0U6LMB47SinCkrXzqjPp-pYUsYIHMeBgxlW5d3tN6A1VVCyo2GUgGOyqSDtwh6ln9Ec8gJH0w4GAXym0FKMwlbkzJxRo9pht8h3G9nP38bf77L_yy9GQ0cw2eoho1I50RDIY6Gj-bzcNdWHUhT_6T_58FZs_x4
.theguardian.com/	1970-01-20 22:23:53	Name: consentUUID Value: fe405faa-6f0c-4c54-8439-178cc51c5b4f

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://gnmtouchpoint--c.eu31.visual.force.com https://gnmtouchpoint.lightning.force.com https://www.theguardian.com https://gnmtouchpoint--c.vf.force.com; object-src 'none'; base-uri 'none'; default-src 'self' https://ccpa-pm.sp-prod.net https://cdn.privacy-mgmt.com https://gdpr-tcfv2.sp-prod.net https://ccpa-service.sp-prod.net https://ccpa-notice.sp-prod.net https://sourcepoint.theguardian.com https://ccpa.sp-prod.net https://services.postcodeanywhere.co.uk https://stripe-intent.support.guardianapis.com members-data-api.theguardian.com metric-push-api-prod.support.guardianapis.com www.paypalobjects.com www.paypal.com t.paypal.com www.sandbox.paypal.com js.stripe.com https://payments.amazon.com https://payments-sandbox.amazon.com https://coin.amazonpay.com https://api-cdn.amazon.com static-na.payments-amazon.com ophan.theguardian.com j.ophan.co.uk media.guim.co.uk uploads.guim.co.uk www.google-analytics.com www.googletagmanager.com tagmanager.google.com assets.guim.co.uk www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk static.ads-twitter.com bat.bing.com bid.g.doubleclick.net t.co analytics.twitter.com stats.g.doubleclick.net www.youtube-nocookie.com connect.facebook.net www.facebook.com checkout.stripe.com fonts.googleapis.com ssl.gstatic.com www.gstatic.com fonts.gstatic.com sentry.io *.quantummetric.com blob: data: wss: 'unsafe-inline' q.stripe.com payment.guardianapis.com https://interactive.guim.co.uk/ https://www.theguardian.com/ https://theguardian.com/
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ablink.editorial.theguardian.com
assets.guim.co.uk
cdn.privacy-mgmt.com
interactive.guim.co.uk
js.stripe.com
media.guim.co.uk
merchant-ui-api.stripe.com
ophan.theguardian.com
pay.google.com
play.google.com
profile.theguardian.com
q.stripe.com
r.stripe.com
sourcepoint.theguardian.com
support.theguardian.com
www.gstatic.com
151.101.1.111
151.101.192.176
18.202.131.124
18.66.147.27
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:400c:c04::5c
2a04:4e42::367
54.187.119.242
54.187.159.182
63.35.46.148
077fee0256940e9d210e7a48fceb483ae84d345d5e7c923c73a509f3584dc5dd
0d91987cbf64990414e1741cbb74a6dd6e0c5a1c1d93ffb87913ea5fe127ff0d
115ab01058233756fb55c92562e2d3657083d98315dcc6d23fdd282042e2d917
11c18a946d974537076fea01010eb8c57b94c8e17727ef817b89e69c40ec999c
1696fc2eacf6badbdc1749d12f46d253a74e0af05b4135bf9a82f04d1ed806b9
1ccc748b9f6e1651cd42c1b05b958e1140e6c987d21ebb391ea4e99f34a7e171
438a74ae85495777d385c984188a351b5aa00d3974c84d7efd9841cd619f699a
469ebc7cb7b6fc444f361c5f9c32ae62238855ce728f4786f92326accd69b9d3
46e089c7d79ff80fef01582ba8261d42728b78c345fdbe8d52199907498d280e
4a4517ca1110c79a55e39e737a3b21e0401908f932658bb6a90e09e29abe4b1a
4deb8b98e5ce51144ce980707d596608be453de89423be3addfcd9beeaf45086
4fa602e0d446ee3148b06f2014cb08518660f936406251a05bbbcc6ea870cc9a
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
503532574ae2a4ee4a9dc800e3afa8df60956da07c7f25993765369f67700e18
52af8f7fe794bad35294330a3e23152e9f4b2b111d944e285c084382f3812abb
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
582f83b00f967c6a8c2c10fd9791f7befec6c945e92cb74fe2c2c3455fea4301
68f16f8ec1672ee0e20912b6a4967840eb5a3a329121fdb4aa985def4363d9a0
74889fe974fb778a8fc0ab224e1fe77e3ff23cbdeb785d8d4aeca50331e80c67
7582c4a381aea10105e06ebd854850185c1e0c7e7137666ff25464a1f4b2c11a
7dc975ca911af8ca48c2d10da6fd855e271a17d1c6c1479a752ef69a69dfd8b2
88ce1e930ace8587b0514ffdd9ab9400b7368d68c27aa85e36c594596ee958cd
8cc976057d7908db684c2cbfad74dca2dd3847d35f93b98e9daa0579d8a661be
8d314e7dfe09c736631cc704ffe6abf6c3bc6c2311efd829265611449cc6c8e8
98a6ba8081d2c2dd28a5c7b7efa6f80bf1e9ea513d5d77ecca6a699b21f7a2b0
9e2e8ef2490e3b94ce340c314817894e1c21b82265e4ccceacd565ba40984e31
a6e30f9401e3757562da9f88f23fddffb1ebf15d763fb1bd5f17e6c124a70619
a8bd068d8a3e8db509fff17cecbd1e5a750b6854d5a36450b6c05e789d31ee19
a9da6174b208addd28b10c47c6872654ecb404cd827b830afe16cb405e0f70eb
b047b450b7068a6c427ef87eaec1a200bb03b116e5c6b5ed043ce095cb2a8ea3
bf672dbc2fe3d05096cb045691ec7a9dc00e3470458665d42d0b7aabd07bb990
c15f2e9f10c541ddf02ec366f35d3efb1f3eff9b156fb40941b2042fa8e00af5
c32bd72ceab72f6a641a53861cfab8a3b375632889e78530c0ec06ebc7375b7b
c90b93aefe3e302d14ecadafe3f8aa45b5f90db60d0d763d05650d205f518200
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dc08e3ae4d5ca5ceacf0011a84234111b2d5f7bdf186d030ffa3d817aa6cdf42
e01ffcb53926f928a21b0380554f401589a983934ebf512fe97d56516dd44adc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edd12e6fa14355f432e7071326eb15fc600f3099ac0485a972cd2a80880c6d49
f61558cc746917016e2132097b2a5d92deed1aa5b9c1c63ee4b561e004420b3f
fa2ee0bb51dae9640fe999becb0881b75f544a647068a208bcb2fec2146cd7d1
feeee4affe0ef6edae6471cfe0a35971321bfefa4ad831f137ae1af05f09e2d6

support.theguardian.com Open in urlscan Pro 151.101.1.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

100 %HTTPS

36 %IPv6

6 Domains

16 Subdomains

12 IPs

4 Countries

1801 kBTransfer

5881 kBSize

11 Cookies

7 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

support.theguardian.com Open in urlscan Pro
151.101.1.111 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

100 %
HTTPS

36 %
IPv6

6
Domains

16
Subdomains

12
IPs

4
Countries

1801 kB
Transfer

5881 kB
Size

11
Cookies

98 HTTP transactions
1 data transactions