urlscan.io logo urlscan.io
SecurityTrails logo

www.wesharegiving.org Open in urlscan Pro
2620:1ec:48:1::38  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u22130470.ct.sendgrid.net/ls/click?upn=YcUp7xQW3SiBE92AOO6vM5uokSv57ZE-2Bgqu5IY2DrEskAknX7APqfPqhwOMaJ6A6fAZAYPAA-2B3iZGxS...
Effective URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Submission: On February 01 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 1 countries across 11 domains to perform 63 HTTP transactions. The main IP is 2620:1ec:48:1::38, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.wesharegiving.org.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 6th 2023. Valid for: a year.
This is the only time www.wesharegiving.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.16 11377 (SENDGRID)
1 4 2620:1ec:48:1... 8075 (MICROSOFT...)
16 20.94.16.46 8075 (MICROSOFT...)
1 2600:9000:251... 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.36.213.229 396982 (GOOGLE-CL...)
9 20.49.97.26 8075 (MICROSOFT...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 20.49.99.73 8075 (MICROSOFT...)
4 2607:f8b0:400... 15169 (GOOGLE)
3 34.107.204.85 396982 (GOOGLE-CL...)
4 2607:f8b0:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
63 14
1    167.89.123.16 (Chicago, United States)

ASN11377 (SENDGRID, US)
PTR: o16789123x16.outbound-mail.sendgrid.net
u22130470.ct.sendgrid.net
4    2620:1ec:48:1::38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.wesharegiving.org
js.monitor.azure.com
16    20.94.16.46 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
forms.ministryforms.net
1    2600:9000:2511:1c00:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
2    2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)
pro.fontawesome.com
3    2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com
cdn.pendo.io
9    20.49.97.26 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
landingpage.ministryforms.net
2    2607:f8b0:4004:c19::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    20.49.99.73 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
eastus2-3.in.applicationinsights.azure.com
4    2607:f8b0:4004:c07::5c (Washington, United States)

ASN15169 (GOOGLE, US)
pay.google.com
3    34.107.204.85 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.204.107.34.bc.googleusercontent.com
data.pendo.io
4    2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
12    2607:f8b0:4004:c08::66 (Ashburn, United States)

ASN15169 (GOOGLE, US)
play.google.com
Apex Domain
Subdomains		 Transfer
25 ministryforms.net
forms.ministryforms.net — Cisco Umbrella Rank: 238797
landingpage.ministryforms.net
2 MB
16 google.com
pay.google.com — Cisco Umbrella Rank: 2630
play.google.com — Cisco Umbrella Rank: 31
425 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
177 KB
4 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 750
data.pendo.io — Cisco Umbrella Rank: 723
152 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
5 KB
3 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1654
eastus2-3.in.applicationinsights.azure.com — Cisco Umbrella Rank: 42656
46 KB
3 wesharegiving.org
www.wesharegiving.org
9 KB
2 fontawesome.com
pro.fontawesome.com — Cisco Umbrella Rank: 5289
65 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
2 KB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 6706
34 KB
1 sendgrid.net
u22130470.ct.sendgrid.net
269 B
63 11
Domain Requested by
16 forms.ministryforms.net www.wesharegiving.org
forms.ministryforms.net
js.monitor.azure.com
12 play.google.com www.gstatic.com
9 landingpage.ministryforms.net forms.ministryforms.net
landingpage.ministryforms.net
4 www.gstatic.com pay.google.com
www.gstatic.com
4 pay.google.com forms.ministryforms.net
pay.google.com
www.wesharegiving.org
www.gstatic.com
3 data.pendo.io js.monitor.azure.com
3 fonts.googleapis.com forms.ministryforms.net
landingpage.ministryforms.net
3 www.wesharegiving.org 1 redirects www.wesharegiving.org
2 eastus2-3.in.applicationinsights.azure.com js.monitor.azure.com
2 fonts.gstatic.com fonts.googleapis.com
2 pro.fontawesome.com forms.ministryforms.net
landingpage.ministryforms.net
1 cdn.pendo.io forms.ministryforms.net
1 cdnjs.cloudflare.com forms.ministryforms.net
1 js.monitor.azure.com forms.ministryforms.net
1 cdn.auth0.com forms.ministryforms.net
1 u22130470.ct.sendgrid.net 1 redirects
63 16

This site contains no links.

Subject Issuer Validity Valid
www.wesharegiving.org
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-06 -
2024-12-06		 a year crt.sh
*.ministryforms.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-05 -
2025-01-12		 a year crt.sh
*.auth0.com
Amazon RSA 2048 M03		 2024-01-25 -
2025-02-22		 a year crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 03		 2023-12-19 -
2024-12-13		 a year crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
cdn.pendo.io
GTS CA 1D4		 2023-12-06 -
2024-03-05		 3 months crt.sh
landingpage.ministryforms.net
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-12-19 -
2024-06-19		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 04		 2023-11-19 -
2024-11-13		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
pendo.io
GTS CA 1D4		 2024-01-30 -
2024-04-29		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.wesharegiving.org/app/giving/WeShare-20001220
Frame ID: 6ED50A2CDEECF70A113BEC6D5E28664C
Requests: 4 HTTP requests in this frame

Frame: https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
Frame ID: 4985035523A7F6F5FEA2D2AACAAB16E6
Requests: 28 HTTP requests in this frame

Frame: https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
Frame ID: 21830B82618553B288375FFCBFD8684B
Requests: 11 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fforms.ministryforms.net&mid=
Frame ID: A30F519E4BE5BC1187C5ADAB2796B8AD
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Give

Page URL History Show full URLs

  1. https://u22130470.ct.sendgrid.net/ls/click?upn=YcUp7xQW3SiBE92AOO6vM5uokSv57ZE-2Bgqu5IY2DrEskAknX7APqfPqhwOMaJ... HTTP 302
    https://www.wesharegiving.org/app/giving/WeShare-20001220?t=ebXEO3 HTTP 302
    https://www.wesharegiving.org/app/giving/WeShare-20001220 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • /auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

63
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

16
Subdomains

14
IPs

1
Countries

2767 kB
Transfer

8914 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u22130470.ct.sendgrid.net/ls/click?upn=YcUp7xQW3SiBE92AOO6vM5uokSv57ZE-2Bgqu5IY2DrEskAknX7APqfPqhwOMaJ6A6fAZAYPAA-2B3iZGxSGXl8yxbI-2FgHDKcrclVwoGr3Ure44-3DUl7P_CWgDveA2dIPaPRFPK0-2FXF555i8fRpCbeGcENi66woQhSxvpOsXNeZ5d-2FGzLZXH1JSur1Zo-2BhXXpcTHRQ-2FBANc0Afx3CQHd9DO4Kd1gb3LpBa3GSTRIQ7hFHsMJ6tQ9F6je7QFLoh6UOlbVngzG8z80v07bHAZRsDRxzJXmiQwgvnSaeRoNKRFauoW6bzpLVS6okXdtTRGp8bLGipxqRXzw-3D-3D HTTP 302
    https://www.wesharegiving.org/app/giving/WeShare-20001220?t=ebXEO3 HTTP 302
    https://www.wesharegiving.org/app/giving/WeShare-20001220 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request WeShare-20001220
www.wesharegiving.org/app/giving/
Redirect Chain
  • https://u22130470.ct.sendgrid.net/ls/click?upn=YcUp7xQW3SiBE92AOO6vM5uokSv57ZE-2Bgqu5IY2DrEskAknX7APqfPqhwOMaJ6A6fAZAYPAA-2B3iZGxSGXl8yxbI-2FgHDKcrclVwoGr3Ure44-3DUl7P_CWgDveA2dIPaPRFPK0-2FXF555i8f...
  • https://www.wesharegiving.org/app/giving/WeShare-20001220?t=ebXEO3
  • https://www.wesharegiving.org/app/giving/WeShare-20001220
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wesharegiving.org/app/giving/WeShare-20001220
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
65b9be97d2bec00ff10e664a39c8fb34c34fe6bd785c17cd1a8adb01e7904e77
Security Headers
Name Value
Content-Security-Policy default-src https:; connect-src https: wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io; font-src https: data:; frame-src https: data:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; frame-ancestors https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src https:; connect-src https: wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io; font-src https: data:; frame-src https: data:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; frame-ancestors https:;
content-type
text/html; charset=utf-8
date
Thu, 01 Feb 2024 15:11:54 GMT
request-context
appId=cid-v1:77dd7ac8-1118-4e22-9c8b-b3d9c0316ebb
strict-transport-security
max-age=2592000
vary
Accept-Encoding
x-azure-ref
0u7S7ZQAAAACxocBwVTQ2TboLmdROHDz6TU5aMjIxMDYwNjEyMDMzADAxZDViOTI0LTA4ZmYtNDcwOC04NjI0LTNlMTc4OWVkZWQ3Yw==
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-security-policy
default-src https:; connect-src https: wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io; font-src https: data:; frame-src https: data:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; frame-ancestors https:;
date
Thu, 01 Feb 2024 15:11:53 GMT
location
https://www.wesharegiving.org/app/giving/WeShare-20001220
request-context
appId=cid-v1:77dd7ac8-1118-4e22-9c8b-b3d9c0316ebb
strict-transport-security
max-age=2592000
x-azure-ref
0urS7ZQAAAABfdOt0IX38SrwtOZJIBlMrTU5aMjIxMDYwNjEyMDMzADAxZDViOTI0LTA4ZmYtNDcwOC04NjI0LTNlMTc4OWVkZWQ3Yw==
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
embed.aspx
forms.ministryforms.net/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/embed.aspx?formId=2046ccae-ced6-45f6-ab66-b265d6af077b&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1&custom-templates=
Requested by
Host: www.wesharegiving.org
URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d952ee9c07055ee43e502dcc12c12191dacee99832c9dde5803e110176d9c521
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.wesharegiving.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Connection
keep-alive
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
iframeResizer.contentWindow.min.js
www.wesharegiving.org/app/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wesharegiving.org/app/js/iframeResizer.contentWindow.min.js
Requested by
Host: www.wesharegiving.org
URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
47fa2c734142da6fdc24e848f7d7ceff11c8c16db681c201576f02d56c6b1004
Security Headers
Name Value
Content-Security-Policy default-src https:; connect-src https: wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io; font-src https: data:; frame-src https: data:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; frame-ancestors https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.wesharegiving.org/app/giving/WeShare-20001220
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https:; connect-src https: wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io; font-src https: data:; frame-src https: data:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; frame-ancestors https:;
last-modified
Tue, 30 Jan 2024 16:02:56 GMT
date
Thu, 01 Feb 2024 15:11:54 GMT
etag
"1da5395c9b24527"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-azure-ref
0u7S7ZQAAAAD1idw3Y9HwT5qHlSz3yIUrTU5aMjIxMDYwNjEyMDMzADAxZDViOTI0LTA4ZmYtNDcwOC04NjI0LTNlMTc4OWVkZWQ3Yw==
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=cid-v1:77dd7ac8-1118-4e22-9c8b-b3d9c0316ebb
viewForm.aspx
forms.ministryforms.net/ Frame 4985 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/embed.aspx?formId=2046ccae-ced6-45f6-ab66-b265d6af077b&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1&custom-templates=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
39f7d8944dabf9cbbed640db546d5a3cece82b23fd81dba7154be01a24a5cbc3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.wesharegiving.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 01 Feb 2024 15:11:55 GMT
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=2592000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
ASP.NET
X-Robots-Tag
noindex
auth0.min.js
cdn.auth0.com/js/auth0/9.5.1/ 		109 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/auth0/9.5.1/auth0.min.js
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/embed.aspx?formId=2046ccae-ced6-45f6-ab66-b265d6af077b&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1&custom-templates=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:1c00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c65499454b28db683dd0efc366872a896cef0fe2ccfd6d51d6db446dcad88fcb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wesharegiving.org/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-version-id
38nHgGlXmejuOCEREftQ2ogm5Z01rLQ3
content-encoding
gzip
via
1.1 079cd4553da15b2329bffae6abe6157e.cloudfront.net (CloudFront)
date
Thu, 01 Feb 2024 07:49:18 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
JFK50-P6
age
26780
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 30 Apr 2018 13:21:04 GMT
server
AmazonS3
etag
W/"83fff95e521d50b4c0b70d4fc73f499f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2628000,public
x-robots-tag
noindex
x-amz-cf-id
MkdmAtUh-CgNcexvappBlJhJhK7ATQKlQ97rMF3Re6KvC1SZRGqssA==
mb.formbuilder.embed.js
forms.ministryforms.net/scripts/ Frame 4985 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0d4c72706b066ffdf8ed0ffc1b028e0b8a0c365989cd298f7546047cbdf5e944
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Connection
keep-alive
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
Last-Modified
Mon, 29 Jan 2024 20:25:14 GMT
Server
Microsoft-IIS/10.0
ETag
"1da52f143dce531"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
X-Robots-Tag
noindex
ai.2.min.js
js.monitor.azure.com/scripts/b/ Frame 4985 		120 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707

Request headers

Referer
https://forms.ministryforms.net/
Origin
https://forms.ministryforms.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:11:55 GMT
content-encoding
br
last-modified
Wed, 20 Sep 2023 16:12:29 GMT
content-md5
OTYl0s1WUyP5rZ8mTmvbyA==
x-ms-meta-aijssdkver
2.8.16
etag
0x8DBB9F46341BD96
x-azure-ref
0u7S7ZQAAAACRubQL4vJ6S7ziWNyd9/ZATU5aMjIxMDYwNjEyMDI3AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
600b13dd-b01e-00e1-4920-55a6fe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.16.min.js
fms_2.39.0.js
forms.ministryforms.net/scripts/ Frame 4985 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/scripts/fms_2.39.0.js
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6621d60207b46fc9bb14438fe6220dd26e9559f0c06f7662460f7a3b07ef525b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 29 Jan 2024 20:26:58 GMT
Server
Microsoft-IIS/10.0
ETag
"1da52f181e3a35a"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
en-client.json
forms.ministryforms.net/Static/translations/ Frame 4985 		63 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/Static/translations/en-client.json?fms_version=2.39.0
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d593e7b8800796213dd50bb86f0d1a65a1ec8f1327f3d3d82daaf0d81bc2d91a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 29 Jan 2024 20:19:50 GMT
Server
Microsoft-IIS/10.0
ETag
"1da52f082be8a09"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
bootstrap.min.css
forms.ministryforms.net/styles/ Frame 4985 		175 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/bootstrap.min.css?fms_version=2.39.0
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0c4aebe921b9a73e0b29813122e427fcc2bb996848dcdb906bfddc8b8b22c3ca
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 29 Jan 2024 20:25:02 GMT
Server
Microsoft-IIS/10.0
ETag
"1da52f13cb75953"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
default.min.css
forms.ministryforms.net/styles/ Frame 4985 		858 KB
131 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/default.min.css?fms_version=2.39.0
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
272df4fb81abdb56bdac5f548e509a76446aa9d6e7de6231eed560dab6e7006d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 29 Jan 2024 20:25:08 GMT
Server
Microsoft-IIS/10.0
ETag
"1da52f140440c8a"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
all.css
pro.fontawesome.com/releases/v5.15.3/css/ Frame 4985 		170 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:11:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 28 Jun 2021 17:21:37 GMT
server
cloudflare
x-amz-request-id
W6Y7R42V27RT64RT
age
6117302
etag
W/"a28e912c1a41becec7f68848d739d5c0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31556926
cf-ray
84eb21339ba74bc0-BUF
x-amz-id-2
aLVyRTiRNd/vG6e6PS34YuOV3If08fNJXtFkengZlUEcl3fWgu/aeJ+Ag9nyrU07tJX6iSAPI5QP5/fyGj5Kxw==
css
fonts.googleapis.com/ Frame 4985 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2b3b691360be91324019c0b40152380c20a1d1b179b2573955a5c7505a06ebf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 01 Feb 2024 15:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 01 Feb 2024 13:34:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Feb 2024 15:11:55 GMT
css
fonts.googleapis.com/ Frame 4985 		2 KB
501 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Red+Hat+Text:400,600,700
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8ee02e96dd043da7da921083b0319c385afea3678829b8cf3e49f6235f78154b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 01 Feb 2024 15:11:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 01 Feb 2024 14:44:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Feb 2024 15:11:55 GMT
embed-platform-fn.min.css
forms.ministryforms.net/styles/ Frame 4985 		63 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/embed-platform-fn.min.css?fms_version=2.39.0
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5921f7dc7f09f9fd72d86bfdef63e2e3709e98507f1deae96512fe1d7b545e17
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 29 Jan 2024 20:25:02 GMT
Server
Microsoft-IIS/10.0
ETag
"1da52f13cb5196f"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
font-select.min.css
forms.ministryforms.net/styles/ Frame 4985 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/font-select.min.css?fms_version=2.39.0
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
246770fb5c0ca892721975f25c4e7aa802f4f76c955d53864328858a0adc58bb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 29 Jan 2024 20:25:12 GMT
Server
Microsoft-IIS/10.0
ETag
"1da52f142abcd89"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
spectrum.min.css
forms.ministryforms.net/styles/ Frame 4985 		9 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/spectrum.min.css?fms_version=2.39.0
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
35f96e907107e31f46b0636e13977971e032706f9c870f3914554072186f2fe5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 29 Jan 2024 20:25:14 GMT
Server
Microsoft-IIS/10.0
ETag
"1da52f143dcd2ff"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
kendo-common-material.min.css
forms.ministryforms.net/styles/ Frame 4985 		226 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/kendo-common-material.min.css?fms_version=2.39.0
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
310fc5868accfabbe74a106dab8ba0777755ceb0fd005d0942c20ab9d55989ae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 29 Jan 2024 20:25:14 GMT
Server
Microsoft-IIS/10.0
ETag
"1da52f143df76ab"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
kendo-material.min.css
forms.ministryforms.net/styles/ Frame 4985 		87 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/kendo-material.min.css?fms_version=2.39.0
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3f31603265a4f8870b3bd67fcf94813f56a86b678d7ccb24e35001614d14d2c2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 29 Jan 2024 20:25:14 GMT
Server
Microsoft-IIS/10.0
ETag
"1da52f143ddaaef"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
kendo-material-mobile.min.css
forms.ministryforms.net/styles/ Frame 4985 		105 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/styles/kendo-material-mobile.min.css?fms_version=2.39.0
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fa83faecf96324d94f3147a492b6c2c3a1130b57d11c94b1ed1e9c9b261568b6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 29 Jan 2024 20:25:14 GMT
Server
Microsoft-IIS/10.0
ETag
"1da52f143dd547f"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/7.0.2/css/ Frame 4985 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/7.0.2/css/intlTelInput.css
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28c33fae1762817c3f3427558c42d951dc8975cddcf0500b82c000906873fd26
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:11:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5882612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1766
last-modified
Mon, 04 May 2020 16:11:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ea6-4807"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19d73v9Px9YTyLvMGlaVBwJLZVcCbJ2Qy35gf9Vtpf%2B%2FIRLw6QmesZM9AXcfk8nWOLN%2F8VDLOkTel%2FGTltaaF6NFhB0WVDHgKlt%2FOFxyn4k0gVvHVHEmrXSUYj3wG63VGJh1jrbzQ4925xETMg9DtqYw"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84eb21338e494bcf-BUF
expires
Tue, 21 Jan 2025 15:11:55 GMT
2046ccae-ced6-45f6-ab66-b265d6af077b
forms.ministryforms.net/api/v1/forms/getclient/ Frame 4985 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/api/v1/forms/getclient/2046ccae-ced6-45f6-ab66-b265d6af077b?embedSource=7&locationId=0
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/mb.formbuilder.embed.js?fms_version=2.39.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c876c7a4d7917da080ed4457fe79022658f490cde9ce0b69e76ba1628d5ac608
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Connection
keep-alive
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
renewSession
forms.ministryforms.net/api/v1/givingintegration/ Frame 4985 		69 B
460 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://forms.ministryforms.net/api/v1/givingintegration/renewSession
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9cf888a3cdfa8d03327f9162314f96d8fad829b84c7a167ac3f6114e0c9a247b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://forms.ministryforms.net/viewForm.aspx?formid=2046ccae-ced6-45f6-ab66-b265d6af077b&direct-link=&embed=true&frameid=27032700150486577&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1
traceparent
00-2a54e7cd73f34a7da203afd7d80b55f5-3088c4625a3d4b24-01
request-id
|2a54e7cd73f34a7da203afd7d80b55f5.3088c4625a3d4b24
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Robots-Tag
noindex
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
pendo.js
cdn.pendo.io/agent/static/c82af2e9-f05f-4036-64c7-21dc28858768/ Frame 4985 		458 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/c82af2e9-f05f-4036-64c7-21dc28858768/pendo.js
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/fms_2.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
229.213.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ce4fe5eb107df6e2826ccd20d1d726c240539559670dc783271fdd1b572b4652
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:05:49 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
age
366
x-guploader-uploadid
ABPtcPqdlfOROXy5EyknuKMSw95_UxeJwHS3Icrx9Yl6AlYvjGnjQsaio54QCwY668tkGb76HCcnc_k2DQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153178
last-modified
Thu, 25 Jan 2024 20:51:27 GMT
server
UploadServer
etag
"9367df024af6e4d5cbd1e4e5c9c827a7"
vary
Accept-Encoding
x-goog-generation
1706215887822749
x-goog-hash
crc32c=B7Wt7Q==, md5=k2ffAkr25NXL0eTlycgnpw==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=450
x-goog-stored-content-length
153178
accept-ranges
bytes
content-type
application/javascript
59bc0c53-a52f-4047-a367-677a92b3dd61
landingpage.ministryforms.net/ Frame 2183 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/fms_2.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.26 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a4e10fd1fe8a3c61496ed9c443397947d63a9923fc4972868610b607b225507f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://forms.ministryforms.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 01 Feb 2024 15:11:56 GMT
ETag
"1d87c09cdfea08c"
Last-Modified
Thu, 09 Jun 2022 14:04:16 GMT
Request-Context
appId=cid-v1:814304c4-5c65-4e12-959a-00fdab8c89d9
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=2592000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
ASP.NET
mb-logo.png
forms.ministryforms.net/Static/images/ Frame 4985 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.ministryforms.net/Static/images/mb-logo.png
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/styles/default.min.css?fms_version=2.39.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.94.16.46 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dc0efea9e6bd71fc79b37572bf57460c7ca12c343d1ca6b06cf18f8ec3827fa0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/styles/default.min.css?fms_version=2.39.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:55 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 29 Jan 2024 20:19:50 GMT
Server
Microsoft-IIS/10.0
ETag
"1da52f082be62b6"
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
5558
Request-Context
appId=cid-v1:840d75a3-1bb6-4ec9-a118-c462219db812
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 4985 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://forms.ministryforms.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 11:07:39 GMT
x-content-type-options
nosniff
age
446656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Jan 2025 11:07:39 GMT
track
eastus2-3.in.applicationinsights.azure.com//v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eastus2-3.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.49.99.73 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://forms.ministryforms.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Thu, 01 Feb 2024 15:11:55 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
eastus2-3.in.applicationinsights.azure.com//v2/ Frame 4985 		49 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eastus2-3.in.applicationinsights.azure.com//v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.49.99.73 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.ministryforms.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Thu, 01 Feb 2024 15:11:55 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-length
49
content-type
application/json; charset=utf-8
pay.js
pay.google.com/gp/p/js/ Frame 4985 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: forms.ministryforms.net
URL: https://forms.ministryforms.net/scripts/fms_2.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ee984e429a837c7edb5abc504371de256ee3b4e9f66a3665d550a0178f39a25a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-B5FQydjbeCJmzDw4HXVwFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:11:56 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-B5FQydjbeCJmzDw4HXVwFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjamHU4pJiCNSQYlhWKsVQUSvFsGSmFINnzU2mzj03mdZ1PWJa2P6USZPrGVN91DOmmbzPmeJOPGcSfPOc6d2_F0zvvrxk4vj6kkkCiNWAeIePB4uYz3TWN-HTWdkiprPG1U1nzQFivnXTWTXXT2dtiZ7BOgmIndJnsAYAsU_9DNYoIBbi5tjz8t1aNoEZM97zAwB1UTn4"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 01 Feb 2024 15:11:56 GMT
RrQXbohi_ic6B3yVSzGBrMxQaKct.woff2
fonts.gstatic.com/s/redhattext/v14/ Frame 4985 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/redhattext/v14/RrQXbohi_ic6B3yVSzGBrMxQaKct.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Red+Hat+Text:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b2f5ac43898b79c2fddba6968f281fe471838e5a3573bcf3ea25ea7f9d3c708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://forms.ministryforms.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 17:54:37 GMT
x-content-type-options
nosniff
age
76638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27980
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:17:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jan 2025 17:54:37 GMT
c82af2e9-f05f-4036-64c7-21dc28858768
data.pendo.io/data/ptm.gif/ Frame 4985 		42 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.pendo.io/data/ptm.gif/c82af2e9-f05f-4036-64c7-21dc28858768?v=2.216.1_prod&ct=1706800316107&jzb=eJztU2Fv2zYQ_S8CrC8JbYoWKTmAMLRZO9jDsm7tMGzDIFDiSeYikQJJxfWK_PceHTfohyIYMORbDAu4I3mP947v_fUpCccJkqtEKzBBd8fkMmmcPXhwddAj7mQFFSWl60zQTX6Z3Gmvg3W1VlhUv3tz8_3P9Ye6h192u_7jVr0-IIBsWzub8HDmhy3JMl4wihuzG3BlH8Lkr1arzrrRL0dttA_u-JAZCKs7DYe3mC2lnz5-F9e1qhjNRdtKIC0oQXLeCSIbIUjDBFdCdrQomlRpB20ggza3VQpjA6oKboa0c3KECFLQNX404zQvBS-KtN3Prt0Tg_vVe6lNuNhZD9P-YlG0FztsANyCtRfbm7SV4zR7gij0S3yq-gIx2N4SJFid6C3WcsE6_E-tnpwik7OKgPTHoMMeSSgDRk0WL1zKf2cHoHqI5LFCeg_BY0AFWzPKWMa4WNPzFAld_jP1eKk0PeI8NBKvTbEBbUiwt2Aq1qmNKDkn3brdkFwKRjYZMNI1DeVdzktRqtSBh2EA942uD-D30kGv77Tpl60d0yCbClNI-7zKUm-RM8Rgbw-RujaY1BOSsrWy7TyimlBAYTiPdcHow2AxWBTXMT0PN8bbGxQHjmjyydWnxA6q_i8yi-e-lpqZh-F_CfQem0DWJnyQzfYREJnHJIF3Lgj92t2634e3N6844px0ddr8k16_2V3_Ov-hfzJw-LGLNjoGQD4lL-8vH202QpBPWoy_WOzFYs9usbPEYviUygacwCz7KFww9W_vo0POynss_YZ9Xj0ewSUlQ6yn2YqyFc46R9w7cF5bg8tsyTKxzOr4eM_kv3L9lf8GK9WT_hMv_nvx37P7L8rwLD5B-XJD8Zdxxsui3Fwm2ten50yu4tM-iyuKorj_-zO3F0M4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:11:56 GMT
via
1.1 google
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
server
istio-envoy
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
x-envoy-upstream-service-time
59
access-control-allow-headers
*
content-length
42
alt-svc
clear
c82af2e9-f05f-4036-64c7-21dc28858768
data.pendo.io/data/guide.json/ Frame 4985 		901 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.pendo.io/data/guide.json/c82af2e9-f05f-4036-64c7-21dc28858768?id=8&jzb=eJx9Ul1vmzAU_S9I8JKZGAdMWglN-1by0G3q9oyMfQGvYCPbJO2m_PdekjZ7mSYl0jnX9-sc7p_ooL0O1u1UdBvV3z7dffxa_6g7-L7fd4879f4YvYmElHY24ZzyZUeyrCgZxfjsBoz0IUz-dr1urRt9OmqjfXBPF2YgrA8ajp-RpcJPj2-XuFYVozmXUgCRoDjJi5YT0XBOGsYLxUVLy7JJlHYgAxm0eagSGBtQVXAzJK0TIyxNSrrBP80Kmm95UZaJ7Gcne2LwvboX2oTV3nqY-lVcytUeFwAXM7na3SVSjNPsCXahr_hc9dpisJ0lKLA6y4s3ImYt_iapJ6fI5KwiIPxT0KFHEcqAUZPFgan4PTsA1cEiHiuE9xA8AsrZhlHGMlbwDX1xkdD019ThUGE67HNZZBmb4ALakGAfwFSsVTd8WxSk3cgbkgvOyE0GjLRNQ4s2L7Z8qxIHHoYB3D-2PoLvhYNOH7TpUmnHJIimQgpJl1dZ4i1qhgX09rhI1wZJPaEoWysr5xFMqFHr8GJrzOjFWARx-WGhL-YueHeHxzFCEEoEEd1eb2yB-j93NqAJs-gAM8DUP--j0_X2rqV_7w8fJxRlwrtrCoZw5FJPszVla7Q7x74HcF5bg2GWsoynWb18v-h0egY72_nB&v=2.216.1_prod&ct=1706800316110
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
202890935e4f752bef85fa71f4ac1f5fe066d1e68e612fff58ae7ba9e0eb494e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:11:56 GMT
via
1.1 google
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
server
istio-envoy
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
false
x-envoy-upstream-service-time
28
access-control-allow-headers
*
content-length
901
alt-svc
clear
c82af2e9-f05f-4036-64c7-21dc28858768
data.pendo.io/data/guide.gif/ Frame 4985 		42 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.pendo.io/data/guide.gif/c82af2e9-f05f-4036-64c7-21dc28858768?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1706800316113&v=2.216.1_prod
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
85.204.107.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:11:56 GMT
via
1.1 google
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
server
istio-envoy
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
x-envoy-upstream-service-time
2
access-control-allow-headers
*
content-length
42
alt-svc
clear
all.css
pro.fontawesome.com/releases/v5.15.3/css/ Frame 2183 		170 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.15.3/css/all.css
Requested by
Host: landingpage.ministryforms.net
URL: https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landingpage.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:11:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 28 Jun 2021 17:21:37 GMT
server
cloudflare
x-amz-request-id
W6Y7R42V27RT64RT
age
6117303
etag
W/"a28e912c1a41becec7f68848d739d5c0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31556926
cf-ray
84eb2137dd514bc0-BUF
x-amz-id-2
aLVyRTiRNd/vG6e6PS34YuOV3If08fNJXtFkengZlUEcl3fWgu/aeJ+Ag9nyrU07tJX6iSAPI5QP5/fyGj5Kxw==
css
fonts.googleapis.com/ Frame 2183 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i
Requested by
Host: landingpage.ministryforms.net
URL: https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2b3b691360be91324019c0b40152380c20a1d1b179b2573955a5c7505a06ebf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landingpage.ministryforms.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 01 Feb 2024 15:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 01 Feb 2024 13:27:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Feb 2024 15:11:56 GMT
polyfill.js
landingpage.ministryforms.net/static/scripts/ Frame 2183 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landingpage.ministryforms.net/static/scripts/polyfill.js
Requested by
Host: landingpage.ministryforms.net
URL: https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.26 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
88cf9e84e4e47b860a0ba2b41f24786dc74df3e65dd6c3a1cbbd92ef90c22619
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 09 Jun 2022 14:04:16 GMT
Server
Microsoft-IIS/10.0
ETag
"1d87c09cdfe8faf"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Request-Context
appId=cid-v1:814304c4-5c65-4e12-959a-00fdab8c89d9
2.d7892326.chunk.css
landingpage.ministryforms.net/static/css/ Frame 2183 		139 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpage.ministryforms.net/static/css/2.d7892326.chunk.css
Requested by
Host: landingpage.ministryforms.net
URL: https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.26 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c53b8e0076217270574e274781fc0585ade67db0a7a36d996c724ff9feb58fa7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 09 Jun 2022 14:04:16 GMT
Server
Microsoft-IIS/10.0
ETag
"1d87c09cdfc9d5a"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Request-Context
appId=cid-v1:814304c4-5c65-4e12-959a-00fdab8c89d9
main.f0799dc3.chunk.css
landingpage.ministryforms.net/static/css/ Frame 2183 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landingpage.ministryforms.net/static/css/main.f0799dc3.chunk.css
Requested by
Host: landingpage.ministryforms.net
URL: https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.26 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
92329891b7bb96e253530db07f5120b2fdecabb6270339606a325e85cb7952b0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 09 Jun 2022 14:04:17 GMT
Server
Microsoft-IIS/10.0
ETag
"1d87c09ce974985"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Request-Context
appId=cid-v1:814304c4-5c65-4e12-959a-00fdab8c89d9
2.71f628b2.chunk.js
landingpage.ministryforms.net/static/js/ Frame 2183 		515 KB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landingpage.ministryforms.net/static/js/2.71f628b2.chunk.js
Requested by
Host: landingpage.ministryforms.net
URL: https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.26 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f9df49becbf323e4ddcd7c09c889e29e2e06f293903f8f4927f9e0b42e7f2f99
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 09 Jun 2022 14:04:17 GMT
Server
Microsoft-IIS/10.0
ETag
"1d87c09ce9f4d4d"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Request-Context
appId=cid-v1:814304c4-5c65-4e12-959a-00fdab8c89d9
main.f36dd037.chunk.js
landingpage.ministryforms.net/static/js/ Frame 2183 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landingpage.ministryforms.net/static/js/main.f36dd037.chunk.js
Requested by
Host: landingpage.ministryforms.net
URL: https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.26 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f58fad47f43a46a8d1edc63eb4d26a4f8ae501bfba419af5aba3a67b41ed0a6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 09 Jun 2022 14:04:17 GMT
Server
Microsoft-IIS/10.0
ETag
"1d87c09ce971a46"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Request-Context
appId=cid-v1:814304c4-5c65-4e12-959a-00fdab8c89d9
payframe
pay.google.com/gp/p/ui/ Frame A30F 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fforms.ministryforms.net&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c88c1315ac64e716198f3d9417639bdddd7a96193d8f0847e69f4472cc23f00
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-aTA5C_MiE-1Gz49ucxUhYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.ministryforms.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-aTA5C_MiE-1Gz49ucxUhYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Thu, 01 Feb 2024 15:11:56 GMT
expires
Thu, 01 Feb 2024 15:11:56 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjamHU4pJiCNSQYlhWKsVQUSvFsGSmFINnzU2mzj03mdZ1PWJa2P6USZPrGVN91DOmmbzPmeJOPGcSfPOc6d2_F0zvvrxk4vj6kkkCiNWAeIePB4uYz3TWN-HTWdkiprPG1U1nzQFivnXTWTXXT2dtiZ7BOgmIndJnsAYAsU_9DNYoIBbi5tjz8t1aNoEPL2-kAwB3zjri"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/am=gCEN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame A30F 		158 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/am=gCEN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgsrjdLa-A25aLI4vVpi5TZAoV6Fg/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fforms.ministryforms.net&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
391944b8d75c5d88a47752eec116e0211e69e4d59f1f51a6da28e4c1c17b8bb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 20:46:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57137
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 10:48:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Jan 2025 20:46:42 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame A30F 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: www.wesharegiving.org
URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 01 Feb 2024 15:11:56 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBI... Frame A30F 		74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=gCEN/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfri4sRYrxYIRn2Cdet77NSbG6AAH9A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/am=gCEN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgsrjdLa-A25aLI4vVpi5TZAoV6Fg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd566a615195abb18d975b02a248d3a8021e708f0b96820eb1d084944c429731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 20:46:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27783
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 14:10:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Jan 2025 20:46:42 GMT
meta.json
landingpage.ministryforms.net/ Frame 2183 		18 B
574 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://landingpage.ministryforms.net/meta.json
Requested by
Host: landingpage.ministryforms.net
URL: https://landingpage.ministryforms.net/static/js/main.f36dd037.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.26 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ec56d5abadf6da2871904db79c125238b98d5ecea258241f80d221e94d75a0f3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 09 Jun 2022 14:04:16 GMT
Server
Microsoft-IIS/10.0
ETag
"1d87c09cdfeb012"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Accept-Ranges
bytes
Request-Context
appId=cid-v1:814304c4-5c65-4e12-959a-00fdab8c89d9
pay
pay.google.com/gp/p/ui/ Frame A30F 		1 MB
378 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/am=gCEN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgsrjdLa-A25aLI4vVpi5TZAoV6Fg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a3d30051bffbbe87be80ca8a998d09ed9f29fef293707a1dbcfae06dcc3617e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-IOHzeGkDsYCJJ2lC1xRBPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 15:11:56 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-IOHzeGkDsYCJJ2lC1xRBPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjamHU4pJiCNSQYlhWKsVQUSvFsGSmFINnzU2mzj03mdZ1PWJa2P6USZPrGVN91DOmmbzPmeJOPGcSfPOc6d2_F0zvvrxk4vj6kkkCiNWAeIePB4uYz3TWN-HTWdkiprPG1U1nzQFivnXTWTXXT2dtiZ7BOgmIndJnsAYAsU_9DNYoIBbi4djz8t1aNoEZp45_ZQQAsXM66g"
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 01 Feb 2024 15:11:56 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBI... Frame A30F 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=gCEN/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfri4sRYrxYIRn2Cdet77NSbG6AAH9A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/am=gCEN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgsrjdLa-A25aLI4vVpi5TZAoV6Fg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d90a0070e57584453274df644a6482df1076ae143477d47f4ac9a96265d671c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 20:46:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4136
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 14:10:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Jan 2025 20:46:42 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBI... Frame A30F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=gCEN/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfri4sRYrxYIRn2Cdet77NSbG6AAH9A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/am=gCEN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgsrjdLa-A25aLI4vVpi5TZAoV6Fg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5da7a56a61dd5c74d97eebfa2e06500d3bf1028ed24efda04f41542c7822d719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 20:46:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14325
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 14:10:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Jan 2025 20:46:42 GMT
log
play.google.com/ Frame A30F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/am=gCEN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgsrjdLa-A25aLI4vVpi5TZAoV6Fg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 01 Feb 2024 15:11:56 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Feb 2024 15:11:56 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 01 Feb 2024 15:11:56 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A30F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/am=gCEN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgsrjdLa-A25aLI4vVpi5TZAoV6Fg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 01 Feb 2024 15:11:56 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Feb 2024 15:11:56 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 01 Feb 2024 15:11:56 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A30F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/am=gCEN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgsrjdLa-A25aLI4vVpi5TZAoV6Fg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 01 Feb 2024 15:11:56 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Feb 2024 15:11:56 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 01 Feb 2024 15:11:56 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A30F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/am=gCEN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgsrjdLa-A25aLI4vVpi5TZAoV6Fg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 01 Feb 2024 15:11:56 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Feb 2024 15:11:56 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 01 Feb 2024 15:11:56 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A30F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/am=gCEN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgsrjdLa-A25aLI4vVpi5TZAoV6Fg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 01 Feb 2024 15:11:56 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Feb 2024 15:11:56 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 01 Feb 2024 15:11:56 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A30F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ewp8ejhnoBk.es5.O/am=gCEN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgsrjdLa-A25aLI4vVpi5TZAoV6Fg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 01 Feb 2024 15:11:56 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Feb 2024 15:11:56 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 01 Feb 2024 15:11:56 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
en.json
landingpage.ministryforms.net/static/translations/ Frame 2183 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://landingpage.ministryforms.net/static/translations/en.json
Requested by
Host: landingpage.ministryforms.net
URL: https://landingpage.ministryforms.net/static/js/main.f36dd037.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.26 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
323937cac82c4755c12ef1e2fe5c37b01a9a2e762961a87c96ddd39089fa081f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 15:11:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Thu, 09 Jun 2022 14:04:17 GMT
Server
Microsoft-IIS/10.0
ETag
"1d87c09ce9750f8"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Accept-Ranges
bytes
Request-Context
appId=cid-v1:814304c4-5c65-4e12-959a-00fdab8c89d9
59bc0c53-a52f-4047-a367-677a92b3dd61
landingpage.ministryforms.net/api/v1/client/ Frame 2183 		6 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://landingpage.ministryforms.net/api/v1/client/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&nocache=1706800316502
Requested by
Host: landingpage.ministryforms.net
URL: https://landingpage.ministryforms.net/static/js/main.f36dd037.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.49.97.26 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9cd92eca993b520ffdccc1315a70c7240e320f1604dcbe02b3131e45afcdbeb0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://landingpage.ministryforms.net/59bc0c53-a52f-4047-a367-677a92b3dd61?location=0&embedid=7290596462466754&bg=rgba(0%2C0%2C0%2C0)
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 01 Feb 2024 15:11:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Request-Context
appId=cid-v1:814304c4-5c65-4e12-959a-00fdab8c89d9

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| auth0

5 Cookies

Domain/Path Name / Value
www.wesharegiving.org/app Name: .AspNetCore.Mvc.CookieTempDataProvider
Value: CfDJ8GABtnyr2ptLvGa_W1FKcp4l9_sxe-qpmIwA6JrwTOlszsjGK_f0Whg5ebUQeHqJN6crQdoCpPajG6f7I27YTlymAkhT9NTeHLAkA22BTvd0FtFsCAZ7lT1UY-yl35rXWySWIoDiDIejBMuEjZ4i7t4jyjZPPnECUpUtfYbKuUlPa3zn7i8m_q2oD6jJVu6Rka2rsLK1bwRiTpH27N9R46hRvfodCEBVB0EJMuzq-Wl12hDuJHdcWxPs_p8oDnrGIeAUL_JNguGw6-t2dSjVEEKcRbTk0KhzSk9AMKwmtAP1blNp1rXBDJuFbn6FAnNVerKXf9WbfR_QtBSJ_Ickpu861bGQyM7C01QJOdAlXvUiWfKt3plOH5M71CFHav_DsqXM9ugNFNBfjU0fizC7d-g6shqkSYWfXruBZV1oVs3pOWr9kjWyaD9qkDt_AUEwqL1JPWIcw0EZApnTKrO4FS08Wyizvjb1zVgSi1_F_frAV7jFZf9WSVU-aRVPa8i4F7IMTzKJf620DTqnZn0YX8DiBVJ6C8itI6iHUlnS6BZh8Zw39_GFg4EkC6yTNQq6ByxGY3FnMAy5QxKZyEX4SbZuUgQZcZiyHn4KNg7_SsbsI-sU_BiMRw_brfBpFV5lzyEjYjKWQh5a2zqyz9X-A27pY0QOoK99H271mpomG6EEZCF0mnrA7sH1M5Bob4xvxeFTmmMz8KGs3LJP5Kw66pJqsUB40xDIviGuSzPzmr1O2JNO4P1pIQlhGOwopIZRh2QhDtikEdiV3B1-ZFJYkuiDDI63TUiX2UW2ntYG_8tvI3SQiCTh0IG1cF5fshe1x4ydse-pEQP1e6v5FCpQtlBMeWjrdJAwqPxM9S0DAoIeUGdovZogIu-V517iUXD3MQ2N544FQSwWVUWjZQ6rJ1M80JGxWgLTOPtmMg-WmvQ5MLCQ2kD13p0QFIzV3IbSc5013Ak5RoRCZYr2WruG_2cNAYalFoCIu-SBfXSyjS3j
forms.ministryforms.net/ Name: ai_user
Value: tN9JTsbGhNrdjw99IZU7TO|2024-02-01T15:11:55.561Z
forms.ministryforms.net/ Name: ai_session
Value: qn40TsgXdDHJpkhnOhmvKO|1706800315905|1706800315905
.landingpage.ministryforms.net/ Name: ARRAffinitySameSite
Value: 8e40e88517914b50a7ab096a52b642c3e56a9991ca2cba1a3cbe683bb2af633e
.google.com/ Name: NID
Value: 511=mk8O-Atf3eYMKoYXLaXHy66BHhxJE7ygu5lCOhaWhXkw0J2j0q4U7efiJUzIM5URzBLd5DVgPmtdaFlCT7KA9pGDV_XRahRVDLEu_-65UHfwgyKDmK5q6N8NGSy1dBq_YYQ8vJ8S610Y2fpYUEx-WIf_KNuuFtzHM1BjLzNNE3A

37 Console Messages

Source Level URL
Text
javascript warning URL: https://forms.ministryforms.net/embed.aspx?formId=2046ccae-ced6-45f6-ab66-b265d6af077b&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1&custom-templates=(Line 182)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.auth0.com/js/auth0/9.5.1/auth0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://forms.ministryforms.net/embed.aspx?formId=2046ccae-ced6-45f6-ab66-b265d6af077b&church-name=Saint+Joseph+%7c+Jasper%2c+IN&campus-id=0&campus-name=&church-logo-url=https%3a%2f%2fpciprd-prod-easytithe-cdnendpoint.azureedge.net%2fassets%2f06232022125630-115720-0.jpg&change-campus-url=&login-token=2fd96855-f3c9-4a62-91e2-fbb05f45868d&reseller-url=https%3a%2f%2fwesharegiving.com&tab=give&g4=1&source=1&show-login=1&custom-templates=(Line 182)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.auth0.com/js/auth0/9.5.1/auth0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://forms.ministryforms.net/api/v1/givingintegration/renewSession
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://cdn.pendo.io/agent/static/c82af2e9-f05f-4036-64c7-21dc28858768/pendo.js(Line 9)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://forms.ministryforms.net') does not match the recipient window's origin ('https://www.wesharegiving.org').
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.wesharegiving.org/app/giving/WeShare-20001220
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https:; connect-src https: wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io; font-src https: data:; frame-src https: data:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; frame-ancestors https:;
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.auth0.com
cdn.pendo.io
cdnjs.cloudflare.com
data.pendo.io
eastus2-3.in.applicationinsights.azure.com
fonts.googleapis.com
fonts.gstatic.com
forms.ministryforms.net
js.monitor.azure.com
landingpage.ministryforms.net
pay.google.com
play.google.com
pro.fontawesome.com
u22130470.ct.sendgrid.net
www.gstatic.com
www.wesharegiving.org
167.89.123.16
20.49.97.26
20.49.99.73
20.94.16.46
2600:9000:2511:1c00:10:474e:104a:2961
2606:4700:4400::ac40:93bc
2606:4700::6811:180e
2607:f8b0:4004:c07::5c
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::66
2607:f8b0:4004:c19::5e
2620:1ec:48:1::38
34.107.204.85
34.36.213.229
0c4aebe921b9a73e0b29813122e427fcc2bb996848dcdb906bfddc8b8b22c3ca
0c88c1315ac64e716198f3d9417639bdddd7a96193d8f0847e69f4472cc23f00
0d4c72706b066ffdf8ed0ffc1b028e0b8a0c365989cd298f7546047cbdf5e944
0d90a0070e57584453274df644a6482df1076ae143477d47f4ac9a96265d671c
0f58fad47f43a46a8d1edc63eb4d26a4f8ae501bfba419af5aba3a67b41ed0a6
202890935e4f752bef85fa71f4ac1f5fe066d1e68e612fff58ae7ba9e0eb494e
246770fb5c0ca892721975f25c4e7aa802f4f76c955d53864328858a0adc58bb
272df4fb81abdb56bdac5f548e509a76446aa9d6e7de6231eed560dab6e7006d
28c33fae1762817c3f3427558c42d951dc8975cddcf0500b82c000906873fd26
2b2f5ac43898b79c2fddba6968f281fe471838e5a3573bcf3ea25ea7f9d3c708
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
310fc5868accfabbe74a106dab8ba0777755ceb0fd005d0942c20ab9d55989ae
323937cac82c4755c12ef1e2fe5c37b01a9a2e762961a87c96ddd39089fa081f
35f96e907107e31f46b0636e13977971e032706f9c870f3914554072186f2fe5
391944b8d75c5d88a47752eec116e0211e69e4d59f1f51a6da28e4c1c17b8bb2
39f7d8944dabf9cbbed640db546d5a3cece82b23fd81dba7154be01a24a5cbc3
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f31603265a4f8870b3bd67fcf94813f56a86b678d7ccb24e35001614d14d2c2
47fa2c734142da6fdc24e848f7d7ceff11c8c16db681c201576f02d56c6b1004
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5921f7dc7f09f9fd72d86bfdef63e2e3709e98507f1deae96512fe1d7b545e17
5a3d30051bffbbe87be80ca8a998d09ed9f29fef293707a1dbcfae06dcc3617e
5da7a56a61dd5c74d97eebfa2e06500d3bf1028ed24efda04f41542c7822d719
65b9be97d2bec00ff10e664a39c8fb34c34fe6bd785c17cd1a8adb01e7904e77
6621d60207b46fc9bb14438fe6220dd26e9559f0c06f7662460f7a3b07ef525b
6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453
88cf9e84e4e47b860a0ba2b41f24786dc74df3e65dd6c3a1cbbd92ef90c22619
8ee02e96dd043da7da921083b0319c385afea3678829b8cf3e49f6235f78154b
92329891b7bb96e253530db07f5120b2fdecabb6270339606a325e85cb7952b0
9cd92eca993b520ffdccc1315a70c7240e320f1604dcbe02b3131e45afcdbeb0
9cf888a3cdfa8d03327f9162314f96d8fad829b84c7a167ac3f6114e0c9a247b
a4e10fd1fe8a3c61496ed9c443397947d63a9923fc4972868610b607b225507f
b2b3b691360be91324019c0b40152380c20a1d1b179b2573955a5c7505a06ebf
c53b8e0076217270574e274781fc0585ade67db0a7a36d996c724ff9feb58fa7
c65499454b28db683dd0efc366872a896cef0fe2ccfd6d51d6db446dcad88fcb
c876c7a4d7917da080ed4457fe79022658f490cde9ce0b69e76ba1628d5ac608
ce4fe5eb107df6e2826ccd20d1d726c240539559670dc783271fdd1b572b4652
d593e7b8800796213dd50bb86f0d1a65a1ec8f1327f3d3d82daaf0d81bc2d91a
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d952ee9c07055ee43e502dcc12c12191dacee99832c9dde5803e110176d9c521
dc0efea9e6bd71fc79b37572bf57460c7ca12c343d1ca6b06cf18f8ec3827fa0
ec56d5abadf6da2871904db79c125238b98d5ecea258241f80d221e94d75a0f3
ee984e429a837c7edb5abc504371de256ee3b4e9f66a3665d550a0178f39a25a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9df49becbf323e4ddcd7c09c889e29e2e06f293903f8f4927f9e0b42e7f2f99
fa83faecf96324d94f3147a492b6c2c3a1130b57d11c94b1ed1e9c9b261568b6
fd566a615195abb18d975b02a248d3a8021e708f0b96820eb1d084944c429731