www.energyvsclimate.com Open in urlscan Pro
2a04:4e42:600::775 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.energyvsclimate.com/donate/
Submission: On June 20 via api (June 20th 2022, 4:53:13 pm UTC) from US — Scanned from DE

Summary HTTP 204 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 38 IPs in 3 countries across 30 domains to perform 204 HTTP transactions. The main IP is 2a04:4e42:600::775, located in United States and belongs to FASTLY, US. The main domain is www.energyvsclimate.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on April 26th 2022. Valid for: 3 months.

This is the only time www.energyvsclimate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2a04:4e42:600... 2a04:4e42:600::775	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1 1	54.209.91.188 54.209.91.188	14618 (AMAZON-AES) (AMAZON-AES)
39	192.124.249.19 192.124.249.19	30148 (SUCURI-SEC) (SUCURI-SEC)
10	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
34	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
4	143.204.89.96 143.204.89.96	16509 (AMAZON-02) (AMAZON-02)
2	52.38.14.160 52.38.14.160	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::282	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.89.12 143.204.89.12	16509 (AMAZON-02) (AMAZON-02)
12	192.124.249.8 192.124.249.8	30148 (SUCURI-SEC) (SUCURI-SEC)
5	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
4	52.35.20.198 52.35.20.198	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.89.5 143.204.89.5	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.26 143.204.89.26	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:215... 2600:9000:2156:aa00:0:1a32:efc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:c8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c0a::5c	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
204	38

9 2a04:4e42:600::775 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.energyvsclimate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.209.91.188 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-91-188.compute-1.amazonaws.com

app.simplyk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 192.124.249.19 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10019.sucuri.net

www.zeffy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.89.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-96.fra50.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.38.14.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-14-160.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-12.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.124.249.8 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10008.sucuri.net

api.zeffy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o563579.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.35.20.198 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-20-198.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-5.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-26.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:aa00:0:1a32:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

canny.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0a::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	stripe.com js.stripe.com — Cisco Umbrella Rank: 1654 q.stripe.com — Cisco Umbrella Rank: 11616 m.stripe.com — Cisco Umbrella Rank: 1451 r.stripe.com — Cisco Umbrella Rank: 6366	559 KB
51	zeffy.com www.zeffy.com api.zeffy.com	1 MB
21	google.com www.google.com — Cisco Umbrella Rank: 9 pay.google.com — Cisco Umbrella Rank: 4162 play.google.com — Cisco Umbrella Rank: 46	411 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com	667 KB
9	energyvsclimate.com 1 redirects www.energyvsclimate.com	174 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	327 KB
5	sentry.io o563579.ingest.sentry.io	356 B
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 9409	59 KB
4	amplitude.com api.amplitude.com — Cisco Umbrella Rank: 1350	669 B
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 1761	32 KB
3	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4847 track.hubspot.com — Cisco Umbrella Rank: 2521	2 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 677 script.hotjar.com — Cisco Umbrella Rank: 992 vars.hotjar.com — Cisco Umbrella Rank: 1037	67 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	110 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1049	124 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5111	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	15 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 4059	953 B
1	canny.io canny.io — Cisco Umbrella Rank: 33785	31 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 91	409 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3802	3 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5441	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2412	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2406	20 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2665	980 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1423	40 KB
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 3019	450 B
1	simplyk.io 1 redirects app.simplyk.io	325 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
0	licdn.com Failed snap.licdn.com Failed
204	30

	Domain	Requested by
39	www.zeffy.com	www.energyvsclimate.com www.zeffy.com
26	r.stripe.com	js.stripe.com
21	js.stripe.com	www.energyvsclimate.com js.stripe.com www.zeffy.com
13	play.google.com	www.gstatic.com
12	api.zeffy.com	www.zeffy.com
10	fonts.gstatic.com	fonts.googleapis.com www.zeffy.com www.google.com
9	www.energyvsclimate.com	1 redirects www.energyvsclimate.com unpkg.com
8	www.gstatic.com	www.google.com www.gstatic.com pay.google.com
8	q.stripe.com	www.energyvsclimate.com
6	www.googletagmanager.com	www.energyvsclimate.com www.googletagmanager.com www.zeffy.com js.hsadspixel.net
5	o563579.ingest.sentry.io	www.zeffy.com
4	pay.google.com	js.stripe.com pay.google.com www.energyvsclimate.com www.gstatic.com
4	www.google.com	www.zeffy.com www.gstatic.com www.google.com
4	api.amplitude.com	www.zeffy.com
4	m.stripe.network	js.stripe.com m.stripe.network
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.gstatic.com
2	api.hubspot.com	www.zeffy.com
2	connect.facebook.net	www.energyvsclimate.com connect.facebook.net
2	m.stripe.com	m.stripe.network
2	unpkg.com	1 redirects www.energyvsclimate.com
1	www.google.de
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	track.hubspot.com	www.energyvsclimate.com
1	api.hubapi.com	www.zeffy.com
1	canny.io	www.zeffy.com
1	www.facebook.com	www.zeffy.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	cdn.polyfill.io	www.zeffy.com
1	region1.google-analytics.com	www.googletagmanager.com
1	app.simplyk.io	1 redirects
1	fonts.googleapis.com	www.energyvsclimate.com
0	snap.licdn.com Failed	js.hsadspixel.net
204	41

This site contains links to these domains. Also see Links.

Domain
sustainableinnovation.academy
twitter.com
www.youtube.com
ghost.org
bit.ly

Subject Issuer	Validity	Valid
www.energyvsclimate.com ZeroSSL RSA Domain Secure Site CA	`2022-04-26` - `2022-07-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.zeffy.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-09-08`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2022-08-03`	4 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
api.zeffy.com Starfield Secure Certificate Authority - G2	`2022-04-15` - `2023-04-15`	a year	crt.sh
*.ingest.sentry.io R3	`2022-04-22` - `2022-07-21`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-29` - `2022-06-27`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
canny.io Amazon	`2021-10-25` - `2022-11-23`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.energyvsclimate.com/donate/
Frame ID: 04D404BAC46A68DF10A51F3AEEFA0BEE
Requests: 18 HTTP requests in this frame

Frame: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
Frame ID: 340EF98A65BC545E00068C4D7D736FA3
Requests: 91 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: 31F8F58C18FDD35FA7FA65036564BBAE
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 4CBD5480194C7180CA44E0A1211725F1
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 62FE85C3497FC41389F9373FA7ACA998
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: 2B8F8E5E50063FB96EB73EBA5CB367ED
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: FA9F4AA866B42D02F2683B00B7C23B4A
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-d76978d462b4fd179a04a883aede01c2.html
Frame ID: 5158F00D4959D277FF325EEF11EE651E
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-f9e4124d633d5a7989ead5f2d44e283d.html
Frame ID: B79F308023E64E7044950B5F51A3C4B4
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-1a116b117a50c01aa5dbb20fb493381d.html
Frame ID: 720D85D5FB6A0B61A35FA71AFA83AA42
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-a89768ded68375bcdf42a107f819d676.html
Frame ID: 510055D5FB6D773B3A11FB76E2BA2F81
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdrcLYUAAAAAEIDf-hPAsRNvk5txiRVYGpOC9CH&co=aHR0cHM6Ly93d3cuemVmZnkuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=rwnfdwut341
Frame ID: 9B0B478714D1ADB3FA77D91B1A65D83B
Requests: 7 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: E018FEE21FFDFA353619A3BD0E12684E
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate

Page URL History Show full URLs

https://www.energyvsclimate.com/donate HTTP 301
https://www.energyvsclimate.com/donate/ Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

204
Requests

99 %
HTTPS

66 %
IPv6

30
Domains

41
Subdomains

38
IPs

3
Countries

3847 kB
Transfer

12122 kB
Size

11
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://sustainableinnovation.academy/
Title: Academy for Sustainably Innovation

Search URL Search Domain Scan URL

URL: https://twitter.com/energyvsclimate

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCATZsL5ZruSRiQBnmpoVOkg

Search URL Search Domain Scan URL

URL: https://ghost.org/
Title: Ghost

Search URL Search Domain Scan URL

URL: https://bit.ly/template-hue
Title: Hue

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.energyvsclimate.com/donate HTTP 301
https://www.energyvsclimate.com/donate/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://unpkg.com/@tryghost/portal@~1.22.0/umd/portal.min.js HTTP 302
https://unpkg.com/@tryghost/portal@1.22.6/umd/portal.min.js

Request Chain 10

https://app.simplyk.io/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en HTTP 301
https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

204 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.energyvsclimate.com/donate/
Redirect Chain

https://www.energyvsclimate.com/donate
https://www.energyvsclimate.com/donate/

20 KB
6 KB

39ms
38ms

Document
text/html

2a04:4e42:600::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.energyvsclimate.com/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 539f866ed739cbb23c18ad9dd8524c853217e02e5c0682ef0491b31f0d3ecd3c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6735
alt-svc: clear
cache-control: public, max-age=0
content-encoding: gzip
content-length: 6007
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 16:53:07 GMT
etag: W/"51be-WT8jGVouYUb42x/70wYeSP/jM7c"
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
server: openresty
status: 200 OK
vary: Accept-Encoding, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-request-id: d2c80dde523b03adfaf3b5dc3cbeb367 d2c80dde523b03adfaf3b5dc3cbeb367
x-served-by: cache-ams12754-AMS, cache-mxp6955-MXP
x-timer: S1655743988.877278,VS0,VE19

Redirect headers

accept-ranges: bytes
age: 207649
alt-svc: clear
cache-control: public, max-age=31536000
content-length: 0
date: Mon, 20 Jun 2022 16:53:07 GMT
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
location: /donate/
server: openresty
status: 301 Moved Permanently
vary: Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-request-id: ac8f76ea91a6e0f698f7a1a9ed9fb44a ac8f76ea91a6e0f698f7a1a9ed9fb44a
x-served-by: cache-ams12724-AMS, cache-mxp6955-MXP
x-timer: S1655743988.838276,VS0,VE19

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 44ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&display=swap

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c14b0ab6e6d967765a557b6eae5b7c0bc3bcbf21c7fd68768421b077a9aaee89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energyvsclimate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 15:37:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Jun 2022 16:53:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Jun 2022 16:53:07 GMT

GET
H2 200 style-min.css
www.energyvsclimate.com/assets/css/ 55 KB
11 KB 34ms
34ms Stylesheet
text/css 2a04:4e42:600::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.energyvsclimate.com/assets/css/style-min.css?v=4fbcd8fb45
Requested by: Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 8594072dcdae399acb7d8fc3df6e756bc1397c1eae4e1a38d0e65348ceae26f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energyvsclimate.com/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 20 Jun 2022 16:53:07 GMT
content-encoding: gzip
age: 251472
x-cache: HIT, HIT
status: 200 OK
alt-svc: clear
content-length: 10884
ghost-fastly: true
x-request-id: 6c2640442415aa5089ba6c95af45fc7d, 6c2640442415aa5089ba6c95af45fc7d
x-served-by: cache-ams21038-AMS, cache-mxp6955-MXP
accept-ranges: bytes
last-modified: Fri, 17 Sep 2021 21:18:34 GMT
server: openresty
x-timer: S1655743988.934443,VS0,VE1
etag: W/"db19-17bf5a0167a"
vary: Accept-Encoding, Cookie
content-type: text/css; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
ghost-cache: MISS
x-cache-hits: 1, 1

GET
H2

200

portal.min.js Show response
unpkg.com/@tryghost/portal@1.22.6/umd/
Redirect Chain

https://unpkg.com/@tryghost/portal@~1.22.0/umd/portal.min.js
https://unpkg.com/@tryghost/portal@1.22.6/umd/portal.min.js

484 KB
124 KB

37ms
36ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@tryghost/portal@1.22.6/umd/portal.min.js

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

234cca19dbef6d8c969d5c4d8298a33d52ff6d2bbe7874d2cb1d148ff838b595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energyvsclimate.com/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2900065
fly-request-id: 01G3AJTT3QS7E0V2AE0A8PDPTW-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 18 May 2022 03:15:35 GMT
server: cloudflare
etag: W/"79000-M0DLzHAKKwWGpUR+nfOsDIxvZTs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 71e604d538e70229-ZRH

Redirect headers

date: Mon, 20 Jun 2022 16:53:08 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01G610EBH4DWMNPZTKPCS7YAPE-fra
server: cloudflare
age: 213
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /@tryghost/portal@1.22.6/umd/portal.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 71e604d4f87b0229-ZRH
access-control-allow-origin: *

GET
H2 200 / Show response
js.stripe.com/v3/ 312 KB
74 KB 62ms
7ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3685691fa45d43357d417d8a286ec15c661357e482c2c744c9a48929ded728a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energyvsclimate.com/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 59
x-cache: HIT
content-length: 75074
etag: "ff5557c293a7968b559c9b751bb4d45c"
x-request-id: fcc6f849-924b-46be-be71-e5d5aa09a35f
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 18:05:36 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:08 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 49

GET
H2 200 cards.min.js Show response
www.energyvsclimate.com/public/ 7 KB
2 KB 82ms
81ms Script
application/javascript 2a04:4e42:600::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.energyvsclimate.com/public/cards.min.js?v=4fbcd8fb45
Requested by: Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 857dcf021006f18df5e72e87501221d5b2f40c7f99c23ef75fa582cca9b49900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energyvsclimate.com/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 20 Jun 2022 16:53:07 GMT
content-encoding: gzip
age: 251471
x-cache: HIT, HIT
status: 200 OK
alt-svc: clear
content-length: 1686
ghost-fastly: true
x-request-id: f90657c78bd94899d49813d7943b447f, f90657c78bd94899d49813d7943b447f
x-served-by: cache-ams12741-AMS, cache-mxp6955-MXP
accept-ranges: bytes
server: openresty
x-timer: S1655743988.982354,VS0,VE1
etag: "16d84278bb517d1765f9d6471d902dc2"
vary: Accept-Encoding, Cookie
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
ghost-cache: MISS
x-cache-hits: 2, 1

GET
H2 200 cards.min.css
www.energyvsclimate.com/public/ 23 KB
4 KB 37ms
37ms Stylesheet
text/css 2a04:4e42:600::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.energyvsclimate.com/public/cards.min.css?v=4fbcd8fb45
Requested by: Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: e078c7f2333231376567af00407f22f166a32b0b39c1932de5f151462f26732f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energyvsclimate.com/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 20 Jun 2022 16:53:07 GMT
content-encoding: gzip
age: 251473
x-cache: HIT, HIT
status: 200 OK
alt-svc: clear
content-length: 4281
ghost-fastly: true
x-request-id: ad51dd158454c4318b5c390caec1fc91, ad51dd158454c4318b5c390caec1fc91
x-served-by: cache-ams12773-AMS, cache-mxp6955-MXP
accept-ranges: bytes
server: openresty
x-timer: S1655743988.934683,VS0,VE1
etag: "68dd49021ee6d7818c2e1e2e64ed89aa"
vary: Accept-Encoding, Cookie
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
ghost-cache: MISS
x-cache-hits: 1, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
70 KB 41ms
19ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XF3CGR69RV

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e461892edceefeaf98b0fc86ab18a46118a505644061861c3bed637b02708816

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energyvsclimate.com/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:07 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71255
x-xss-protection: 0
expires: Mon, 20 Jun 2022 16:53:07 GMT

GET
H2 200 Energy-vs-Climate-Header-Logo.png
www.energyvsclimate.com/content/images/2021/09/ 70 KB
70 KB 89ms
89ms Image
image/png 2a04:4e42:600::775
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.energyvsclimate.com/content/images/2021/09/Energy-vs-Climate-Header-Logo.png
Requested by: Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 48d0f70dbc3819e9f027c19d497b3a255cee5c88bf9d3ebc3fe00a18dd14986a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energyvsclimate.com/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 20 Jun 2022 16:53:07 GMT
via: 1.1 varnish, 1.1 varnish
age: 249707
x-cache: HIT, HIT
status: 200 OK
alt-svc: clear
content-length: 71234
ghost-fastly: true
x-request-id: 3d349053b3e509caa0f031afb19a05c6, 3d349053b3e509caa0f031afb19a05c6
x-served-by: cache-ams21044-AMS, cache-mxp6955-MXP
accept-ranges: bytes
last-modified: Wed, 15 Sep 2021 17:27:38 GMT
server: openresty
x-timer: S1655743988.982447,VS0,VE1
etag: W/"11642-17bea7ff2eb"
vary: Cookie
content-type: image/png
cache-control: public, max-age=31536000
ghost-cache: MISS
x-cache-hits: 1, 1

GET
H2 200 app.min.js Show response
www.energyvsclimate.com/assets/js/ 263 KB
79 KB 37ms
37ms Script
application/javascript 2a04:4e42:600::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.energyvsclimate.com/assets/js/app.min.js?v=4fbcd8fb45
Requested by: Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 911d7322ec430f9a174688cb80f7b0991bee829fc973a5fcbef9cad792f216dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energyvsclimate.com/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

ghost-age: 0
date: Mon, 20 Jun 2022 16:53:07 GMT
content-encoding: gzip
age: 251471
x-cache: HIT, HIT
status: 200 OK
alt-svc: clear
content-length: 81013
ghost-fastly: true
x-request-id: d42be199c91ace80cf7cf891f494bd7c, d42be199c91ace80cf7cf891f494bd7c
x-served-by: cache-ams12743-AMS, cache-mxp6955-MXP
accept-ranges: bytes
last-modified: Fri, 17 Sep 2021 21:18:34 GMT
server: openresty
x-timer: S1655743988.977557,VS0,VE1
etag: W/"41df8-17bf5a015e8"
vary: Accept-Encoding, Cookie
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
ghost-cache: MISS
x-cache-hits: 1, 1

GET
DATA 200
OK truncated
/ 997 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e2160c46150e3bf623b4f25272a6d890952b23dd88c91e0feebe11c1beb8546

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

0fb97d1a-447c-457c-b1a9-f87f0f6ebf93 Show response
www.zeffy.com/en/embed/donation-form/ Frame 340E
Redirect Chain

https://app.simplyk.io/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

301 KB
70 KB

412ms
379ms

Document
text/html

192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

a1a1977d79b6ec896a695c961076c3b8b6a0473dd6a97727530d85f483531afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.energyvsclimate.com/donate/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: s-maxage=1, stale-while-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 16:53:08 GMT
etag: "4b468-jdkk3asH8uGDLnrsuNbLNcFbgUo"
server: nginx
strict-transport-security: max-age=63072000
vary: Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: ALLOWALL
x-nextjs-cache: STALE
x-sucuri-cache: MISS
x-sucuri-id: 15019
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 232
Content-Type: text/html; charset=utf-8
Date: Mon, 20 Jun 2022 16:53:08 GMT
Location: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
Server: Cowboy
Vary: Accept
Via: 1.1 vegur
X-Powered-By: Express

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v11/ 37 KB
37 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.energyvsclimate.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:07:32 GMT
x-content-type-options: nosniff
age: 517536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:29:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 17:07:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-180476218-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XF3CGR69RV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d35cc16e5bfb37be5954519a7bd582b6b698f262fee91321586166bb8e2d222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energyvsclimate.com/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39828
x-xss-protection: 0
expires: Mon, 20 Jun 2022 16:53:08 GMT

GET
H2 200 / Show response
www.energyvsclimate.com/members/api/site/ 4 KB
1 KB 19ms
18ms Fetch
application/json 2a04:4e42:600::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.energyvsclimate.com/members/api/site/
Requested by: Host: unpkg.com
URL: https://unpkg.com/@tryghost/portal@~1.22.0/umd/portal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: f3d64823bc7c7c67894b24038f3c9befd34194e02dc240abb8710b4b44c50b41

Request headers

Referer: https://www.energyvsclimate.com/donate/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

ghost-age: 0
date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
age: 6733
accept-ranges: bytes
x-cache: HIT, HIT
status: 200 OK
alt-svc: clear
content-length: 1183
ghost-fastly: true
x-request-id: 5f1b7788e6ad3b415421e5c416eeb263, 5f1b7788e6ad3b415421e5c416eeb263
x-served-by: cache-ams12760-AMS, cache-mxp6955-MXP
access-control-allow-origin: *
server: openresty
x-timer: S1655743988.133675,VS0,VE1
etag: W/"1041-mwQCqUGbz7EJm9+SLMq86W4XEt4"
vary: Accept-Encoding, Cookie
content-type: application/json; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
ghost-cache: MISS
x-cache-hits: 1, 1

GET
H2 204 /
www.energyvsclimate.com/members/api/member/ 0
0 39ms
39ms Fetch 2a04:4e42:600::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.energyvsclimate.com/members/api/member/
Requested by: Host: unpkg.com
URL: https://unpkg.com/@tryghost/portal@~1.22.0/umd/portal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energyvsclimate.com/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

ghost-age: 6733
date: Mon, 20 Jun 2022 16:53:08 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
status: 204 No Content
alt-svc: clear
ghost-fastly: true
x-request-id: 250e09d51537b0f960b3ee215d1e9113, a327847a304a080a07e1b0b5bfeeb7ce
x-served-by: cache-ams12742-AMS, cache-mxp6955-MXP
accept-ranges: bytes
server: openresty
x-timer: S1655743988.133757,VS0,VE22
vary: Cookie
access-control-allow-origin: *
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
ghost-cache: HIT
x-cache-hits: 0, 0

GET
H2 200 m-outer-6262077c14f753400d607dc30e70f1af.html Show response
js.stripe.com/v3/ Frame 31F8 240 B
549 B 23ms
23ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.energyvsclimate.com/donate/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 857240
cache-control: max-age=31536000
content-encoding: br
content-length: 139
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 16:53:08 GMT
etag: "6262077c14f753400d607dc30e70f1af"
last-modified: Fri, 10 Jun 2022 18:43:47 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 246303
x-content-type-options: nosniff
x-request-id: 4879acdf-b106-447b-8b22-d474d71c85f8
x-served-by: cache-hhn4074-HHN

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-180476218-2&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energyvsclimate.com/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6499
date: Mon, 20 Jun 2022 15:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 20 Jun 2022 17:04:49 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
353 B 36ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XF3CGR69RV&gtm=2oe6f0&_p=1201717426&_z=ccd.v9B&cid=748385150.1655743988&ul=en-us&sr=1600x1200&_s=1&sid=1655743988&sct=1&seg=0&dl=https%3A%2F%2Fwww.energyvsclimate.com%2Fdonate%2F&dt=Donate&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XF3CGR69RV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.energyvsclimate.com/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 16:53:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.energyvsclimate.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 31F8 0
570 B 480ms
157ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 31F8 1 KB
798 B 7ms
7ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 7
x-cache: HIT
content-length: 670
etag: "77711798ecf99b8bb8207cf88a10d73c"
x-request-id: cba793ab-4979-4c0a-a79d-2356ced39102
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Fri, 10 Jun 2022 18:43:57 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:08 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 4CBD 930 B
2 KB 54ms
9ms Document
text/html 143.204.89.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-96.fra50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 197
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 16:49:53 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
x-amz-cf-id: o8Fqf1YJgvXTiKRhxhdjuu1ySGmXFgNGG3VIqjFMsx6qQP06nXOEew==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1201717426&t=pageview&_s=1&dl=https%3A%2F%2Fwww.energyvsclimate.com%2Fdonate%2F&ul=en-us&de=UTF-8&dt=Donate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=341629659&gjid=1215484101&cid=748385150.1655743988&tid=UA-180476218-2&_gid=914429222.1655743988&_r=1&gtm=2ou6f0&z=403232350

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.energyvsclimate.com/donate/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 16:53:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.energyvsclimate.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 4CBD 0
345 B 408ms
157ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 16:53:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 4CBD 86 KB
14 KB 10ms
10ms Script
text/javascript 143.204.89.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-96.fra50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
age: 276
date: Mon, 20 Jun 2022 16:48:38 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: hbRBo4dwqeC2AiSCs7ike8Omb-hOxnHAD_9fLpypQDolKeXf9qcWcg==
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"

POST
H2 200 6 Show response
m.stripe.com/ Frame 4CBD 156 B
522 B 486ms
162ms XHR
application/json 52.38.14.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.38.14.160 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-160.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e2a921d4648d6d46e1c8dca9c27682131cfecc4f07e2dc3532d9ffed5c23a748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ Frame 340E 222 B
450 B 61ms
30ms Script
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.fr,Intl.~locale.en
Requested by: Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: br
last-modified: Wed, 08 Jun 2022 18:45:15 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/102.0.0
server-timing: cache-fra19140, PASS, fastly;desc="Edge time";dur=24
accept-ranges: bytes
content-length: 126

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 340E 197 KB
65 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91245a49c5631404006a53d81b21b2e5b2f33277954dd09842fc8c185abd410f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66103
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Jun 2022 16:53:08 GMT

GET
H2 200 685df2987df6311a.css
www.zeffy.com/_next/static/css/ Frame 340E 185 KB
64 KB 9ms
9ms Stylesheet
text/css 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/css/685df2987df6311a.css

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

488a016bdc3a7e55a21b3b723e43a9a9fcea36f816f58148935d7f9fbcf0367f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"2e2c9-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: text/css; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 webpack-e3e625e8916b30b6.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 7 KB
4 KB 10ms
4ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/webpack-e3e625e8916b30b6.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

43a8ddba9b8a681b8c99e2d223c9292279b620ea14df51e0bec53bb48457d4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"1b51-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 framework-3dcfb8137a96c758.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 146 KB
46 KB 13ms
5ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/framework-3dcfb8137a96c758.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

7129fdab432da9a1c7b44879382df2ef8af668e03cde85e61e8f270d737c7bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"2478a-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main-fc4f64952ab871fd.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 246 KB
75 KB 14ms
6ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/main-fc4f64952ab871fd.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

f70cd986186697dd0a515465805ff547435bfd78b5b97e3bdcb2c62e35221213

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"3d953-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _app-c306d58b552c8d3f.js Show response
www.zeffy.com/_next/static/chunks/pages/ Frame 340E 2 MB
526 KB 20ms
12ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

67c30849edb57d7859cfaefc9bce19b22469dfaeb789d89fc8e65135551a871c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jun 2022 13:44:16 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"1ebcdc-181815b5780"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5207-d188d2d98c8720b9.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 13 KB
5 KB 20ms
13ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/5207-d188d2d98c8720b9.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

876be3ca435800a192c07d6e93d2c6a21b5e5e471941ceb7d7ebc2217860cde5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"3563-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 865-f0e3d1c6f83d32d4.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 10 KB
4 KB 30ms
23ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/865-f0e3d1c6f83d32d4.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

8a289d510695a72077ea66e65b9ba5344e1955e81945e054bf2e83b32fa06466

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"28d0-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9386-bf2c8a5559d66519.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 9 KB
3 KB 30ms
23ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/9386-bf2c8a5559d66519.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

9d9a1ba2ca5cb27e8fea8b7d91bb8f6695aa8d881cb8f96897108f1e1d0bd090

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"22ab-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2045-6f888e8b74d79c7d.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 9 KB
4 KB 30ms
23ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/2045-6f888e8b74d79c7d.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

e857ba22a8e56722f5ef4cb9b20d4167fd2e8c7c433bd27b13cc9df8bcbd9b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"224e-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6619-eeadbd4894ea2eb0.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 44 KB
14 KB 30ms
23ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/6619-eeadbd4894ea2eb0.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

ca1a889fb5333f3d90bb2d9d6f052625036d98e1340ccfc25709bc7ce9f205dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"b05a-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2682-0816685fc8859fc5.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 32 KB
12 KB 30ms
24ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/2682-0816685fc8859fc5.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

cfd4e5dfc349750a4d230ee710464e7937a2f84fd38824548455638d5124a478

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"80ca-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6577-f6b716ed828c9db6.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 12 KB
5 KB 30ms
24ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/6577-f6b716ed828c9db6.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

a71bf6907c5609a636a7e9ec89409ca5935735060064fd807875425c18b3f636

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"2e58-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4106-d8140a08e368f678.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 25 KB
10 KB 30ms
24ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/4106-d8140a08e368f678.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

29cdb8b797c49a117de8393feb87c7103f6107900083f820e6a88de56adacce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"656d-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 30-4ca64688e73ef864.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 29 KB
11 KB 30ms
24ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/30-4ca64688e73ef864.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

cfb5826a29c009a1fd08f37647ed2a3ce4b9e563e76bad791ac7ed7961213ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"739d-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 124-a51540563739a5fb.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 10 KB
4 KB 30ms
24ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/124-a51540563739a5fb.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

1f72c858c902661982ea707d99315bd23301fff5749d8254e8c6aabd709805ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"2953-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4536-e42f383011feb7c6.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 67 KB
25 KB 30ms
25ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/4536-e42f383011feb7c6.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

d0088c159e550cbd5668e8cf98d399316cc34cea3a8676af0b8bf13ab95a3023

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"10cfa-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3884-94e5ce3c52ed665a.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 25 KB
10 KB 30ms
25ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/3884-94e5ce3c52ed665a.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

a20b9dbbc2e1469a8e5c2d596b45ecc0dfe14747163ef4ce5f9e102a0ba5e6df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"6599-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9627-2023cd86b3ae18f0.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 7 KB
3 KB 31ms
25ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/9627-2023cd86b3ae18f0.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

ddea34ad149fcb4a7db1eab69057062e01d1e652addfa82d3f585693a4a3608c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"1da0-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5237-6788a2f977542b35.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 8 KB
3 KB 31ms
25ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/5237-6788a2f977542b35.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

79a9e0acacd93ec7f298e26059f5f15961224b36ce6190d627ecc0fe21429003

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"1e03-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5121-8ae004cf2c7ec75a.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 92 KB
29 KB 31ms
25ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/5121-8ae004cf2c7ec75a.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

33acb8492773bdfe6b4f852eaaa7251b2797f682112e20985b3317c297a87111

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"1709e-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4695-7fcdf53fcabee464.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 53 KB
18 KB 31ms
26ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/4695-7fcdf53fcabee464.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

9a08bd12671dcef168d6f8f1d32697d235434a3d08554bb4d7454a848957b9c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"d577-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4330-84a4b56a383c230e.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 156 KB
46 KB 31ms
26ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/4330-84a4b56a383c230e.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

fbdd1c83c6f67c665bf7366867aae333588f79a01ea5bf6860ea87fc3759dd43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"2704f-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5409-087985bdcce64019.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 12 KB
5 KB 30ms
26ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/5409-087985bdcce64019.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

2666d732859d48f58e762ba70b38e4cbd8c7ab2a40caef13803d292d27fb3758

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"315b-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7263-74c6de62adfb2793.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 17 KB
6 KB 30ms
26ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7263-74c6de62adfb2793.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

2775ed0dbf1a5f1d8f099f232189995a70267b49c1c4baf5702df7a043643ae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"426a-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6215-ac16e43c1545b9ac.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 32 KB
11 KB 30ms
26ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/6215-ac16e43c1545b9ac.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

884442d29230ea6f3d3aeb5f54c9ea5b2c4636cbf5cae548617ababb7acef81f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"80c0-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9367-500b13d5af38bed3.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 20 KB
7 KB 30ms
27ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/9367-500b13d5af38bed3.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

1564a8a6cf05ed642391a6c4fa766057898eeaa1bc8eec9ae5c6b65c9ba9a8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"519d-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6135-d176cd7da0d1e9a1.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 9 KB
3 KB 30ms
27ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/6135-d176cd7da0d1e9a1.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

a28eeaebf0e9b429d223cbe65ff077848faea2c8f0ebf121f2bbe1dbb78ea361

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"24ff-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1997-294b9ae3f76d7e2e.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 10 KB
4 KB 30ms
27ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/1997-294b9ae3f76d7e2e.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

60f5cb73ac37ba1410ef665f59aad06fdf3e2634bdc7b0636c150c8abdef3c22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"2890-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3843-e6431a40d6f2aa3a.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 20 KB
5 KB 30ms
27ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/3843-e6431a40d6f2aa3a.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

1009f10b41504566368096ab63a2dd02a44088a922c2f0e8a9b81f34af19b106

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"50d7-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3619-64edda01fd70b0b5.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 105 KB
26 KB 30ms
27ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/3619-64edda01fd70b0b5.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

9b9b19ea08f080f4c9a52e2b92c7306cbcbc05bf1ca03b791108288ee11ea617

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"1a50e-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8502-cbf9608ad0e56c08.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 41 KB
11 KB 30ms
27ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/8502-cbf9608ad0e56c08.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

e03653211f2b894d28cf67075d7f7b5ff03ace24a1c4337925e93f42b6a1575a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"a38e-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %5BdonationFormId%5D-d06b6d8290521a93.js Show response
www.zeffy.com/_next/static/chunks/pages/embed/donation-form/ Frame 340E 33 KB
8 KB 30ms
28ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/pages/embed/donation-form/%5BdonationFormId%5D-d06b6d8290521a93.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

1b5a8b19aeaa51aaa8d917a8a29c13a4f610ea781f7e18ae91d5bdc1953ac64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"8280-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _buildManifest.js Show response
www.zeffy.com/_next/static/UQPOGFLFjg7pAYu0Bbdqh/ Frame 340E 15 KB
5 KB 30ms
28ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/UQPOGFLFjg7pAYu0Bbdqh/_buildManifest.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

c6ab47f38185bcb01aebdae2c1d5753fb311500885e201b923b0a0ad6aaa31fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jun 2022 13:44:16 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"3c81-181815b5780"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _ssgManifest.js Show response
www.zeffy.com/_next/static/UQPOGFLFjg7pAYu0Bbdqh/ Frame 340E 2 KB
950 B 30ms
28ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/UQPOGFLFjg7pAYu0Bbdqh/_ssgManifest.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

fd232cb4aeee2f841a6a8882a2f6495662a958463939dabe52cac6a300b1567d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jun 2022 13:45:35 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"95e-181815c8c18"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _middlewareManifest.js Show response
www.zeffy.com/_next/static/UQPOGFLFjg7pAYu0Bbdqh/ Frame 340E 92 B
484 B 31ms
28ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/UQPOGFLFjg7pAYu0Bbdqh/_middlewareManifest.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
content-length: 92
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Jun 2022 13:45:35 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"5c-181815c8c18"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 340E 191 KB
69 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R2KF2P6FSZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9b295b3d98b6cc6108076490aef4e30d6f18103a7dc6e63bb871756ae2f2695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70189
x-xss-protection: 0
expires: Mon, 20 Jun 2022 16:53:08 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame 340E 107 KB
40 KB 74ms
23ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-TD858CV

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9442d8b66a8a96c7ca5db0c71e0be328021e0a200ca127128dede6908a3403a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40920
x-xss-protection: 0
expires: Mon, 20 Jun 2022 16:53:08 GMT

GET
H2 200 hotjar-1940062.js Show response
static.hotjar.com/c/ Frame 340E 5 KB
3 KB 88ms
39ms Script
application/javascript 143.204.89.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1940062.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-12.fra50.r.cloudfront.net

Software

Resource Hash

d261569a3603eb0cedbe836b17914561e7f1b973aa5227220aca849e64ff5f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/d7654170b2d8438978546062752f5ba4
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: jTVNDk1dBlhX2Z5cwT3qLC_Fxz_tNIRXHx_GmQc8golrXLcSQBcnnQ==
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 340E 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6499
date: Mon, 20 Jun 2022 15:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 20 Jun 2022 17:04:49 GMT

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 434ms
360ms Preflight 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
content-security-policy: upgrade-insecure-requests; default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-security-policy-report-only: child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_5c4bff8f1498cdd0af44b8e2486845eb
date: Mon, 20 Jun 2022 16:53:08 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
x-sucuri-id: 15008
x-xss-protection: 1; mode=block 0

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 425ms
370ms Preflight 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
content-security-policy: upgrade-insecure-requests; default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-security-policy-report-only: child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_5c4bff8f1498cdd0af44b8e2486845eb
date: Mon, 20 Jun 2022 16:53:08 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
x-sucuri-id: 15008
x-xss-protection: 1; mode=block 0

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 419ms
364ms Preflight 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
content-security-policy: upgrade-insecure-requests; default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-security-policy-report-only: child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_5c4bff8f1498cdd0af44b8e2486845eb
date: Mon, 20 Jun 2022 16:53:08 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
x-sucuri-id: 15008
x-xss-protection: 1; mode=block 0

POST
H2 200 / Show response
o563579.ingest.sentry.io/api/5703794/envelope/ Frame 340E 2 B
276 B 53ms
20ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o563579.ingest.sentry.io/api/5703794/envelope/?sentry_key=781fd8112e4243c1b089f1385fca29eb&sentry_version=7

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 16:53:08 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.zeffy.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 v3 Show response
js.stripe.com/ Frame 340E 312 KB
73 KB 7ms
7ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/9627-2023cd86b3ae18f0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3685691fa45d43357d417d8a286ec15c661357e482c2c744c9a48929ded728a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 27
x-cache: HIT
content-length: 75074
etag: "ff5557c293a7968b559c9b751bb4d45c"
x-request-id: 34ff533c-6ccf-4cab-883c-0b3d4cdd8ce1
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 18:05:36 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

POST
H3 200 / Show response
o563579.ingest.sentry.io/api/5703794/envelope/ Frame 340E 2 B
20 B 31ms
13ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o563579.ingest.sentry.io/api/5703794/envelope/?sentry_key=781fd8112e4243c1b089f1385fca29eb&sentry_version=7

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.zeffy.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H3 200 / Show response
o563579.ingest.sentry.io/api/5703794/envelope/ Frame 340E 2 B
20 B 29ms
12ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o563579.ingest.sentry.io/api/5703794/envelope/?sentry_key=781fd8112e4243c1b089f1385fca29eb&sentry_version=7

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.zeffy.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 340E 102 B
1 KB 446ms
430ms Fetch
application/json 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

ea380beb1ddf872c38d8b789c2cc4ab3c3c29eb71d909cd8b580c62c16fe65e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
content-type: application/json

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-protected-by: Sqreen
vary: Origin
content-length: 102
x-xss-protection: 1; mode=block, 0
referrer-policy: no-referrer
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"66-JaGTbRJ4Sef7Nog8XlvyKy5Clfs"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
access-control-allow-credentials: true
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;, default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-security-policy-report-only: child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_5c4bff8f1498cdd0af44b8e2486845eb

POST
H2 200 / Show response
api.amplitude.com/ Frame 340E 7 B
168 B 680ms
163ms XHR
text/html 52.35.20.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.20.198 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-20-198.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Jun 2022 16:53:09 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 340E 121 B
1 KB 391ms
385ms Fetch
application/json 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

cc1d647b3c7b4ba77807b8dbd65f6d334e2a190c420bb787caa0b606097e963f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
content-type: application/json

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-protected-by: Sqreen
vary: Origin
content-length: 121
x-xss-protection: 1; mode=block, 0
referrer-policy: no-referrer
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"79-so8xEnie3cl1Tc902U517RSSYAA"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
access-control-allow-credentials: true
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;, default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-security-policy-report-only: child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_5c4bff8f1498cdd0af44b8e2486845eb

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 340E 151 B
1 KB 391ms
380ms Fetch
application/json 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

5418158e0c93460a41edb078ab298ed1a08b0b8a3dae2b3d7a56463bfb970f50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
content-type: application/json

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-protected-by: Sqreen
vary: Origin
content-length: 151
x-xss-protection: 1; mode=block, 0
referrer-policy: no-referrer
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"97-PwBmaKvefZZTHIYh8M9mjgyc1jk"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
access-control-allow-credentials: true
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;, default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-security-policy-report-only: child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_5c4bff8f1498cdd0af44b8e2486845eb

GET
H2 200 0fb97d1a-447c-457c-b1a9-f87f0f6ebf93.json Show response
www.zeffy.com/_next/data/UQPOGFLFjg7pAYu0Bbdqh/en-CA/embed/donation-form/ Frame 340E 255 KB
64 KB 121ms
121ms Fetch
application/json 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/data/UQPOGFLFjg7pAYu0Bbdqh/en-CA/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93.json

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

fb3d534149ec1d783cf5438722198f3c183c545f5bc936544a803f14669bf23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zeffy.com/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
sentry-trace: 07ce1f4ea8c24f8cb9b84d46802abf66-864dbc5ca2fcfe04-0

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-nextjs-cache: STALE
x-sucuri-cache: MISS
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: ALLOWALL
etag: "3fb61-0gEHo4DUcK3FATeeJsAcw5165g4"
strict-transport-security: max-age=63072000
content-type: application/json
via: 1.1 vegur
cache-control: s-maxage=1, stale-while-revalidate
x-sucuri-id: 15019

GET
H2 200 2614165.js Show response
js.hs-scripts.com/ Frame 340E 2 KB
980 B 177ms
139ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2614165.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc70ebcb2197460768a0ffeaf8ccc3028317ef6d175a1f15c137550dd221628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: c80b9009-a721-424b-a865-e7774b0e4fc1
last-modified: Mon, 20 Jun 2022 16:21:32 GMT
server: cloudflare
x-trace: 2BC0AA5C953496BFC3EDCD8916E575E84153DD0BD6000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.zeffy.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 71e604dcce5d2373-ZRH
expires: Mon, 20 Jun 2022 16:54:09 GMT

GET
H2 200 modules.b871a939666125f20d79.js Show response
script.hotjar.com/ Frame 340E 243 KB
63 KB 37ms
8ms Script
application/javascript 143.204.89.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b871a939666125f20d79.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1940062.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-5.fra50.r.cloudfront.net

Software

Resource Hash

e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 08:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 979263
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64109
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 08:51:29 GMT
etag: "a7a5f230aae7accf37f785c6590c07fa"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: saV8NB7FPjrRgR3H6lzKHMAEAh1jUBWyi-oSbJwM-xltdNxU24UFrA==

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame 62FE 2 KB
1 KB 39ms
7ms Document
text/html 143.204.89.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1940062.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-26.fra50.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1761543
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront)
x-amz-cf-id: 2IsGtYK1lyPIZLC0D0wXWmDWhTGMUv_KiP0uE7owK4foSgFj4DMfog==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 2614165.js Show response
js.hs-analytics.net/analytics/1655743800000/ Frame 340E 62 KB
20 KB 536ms
510ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1655743800000/2614165.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36f994fa4fed4c327e91a344a97748cb3f88173748402b036b1b4347f230dbc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: Q1TBS6ASG13TQ8WG
x-amz-server-side-encryption: AES256
cf-ray: 71e604dddfd52373-ZRH
x-amz-id-2: xm0DNJfUthLieYd9Rl0StnfJsqrsBNqW8Fwcc33D05Gm1+vAx/+fXfm5NfgjFwra2sf/eSe9yWY=
last-modified: Tue, 14 Jun 2022 15:07:18 GMT
server: cloudflare
etag: W/"202c6c3fa56984d8fb9219b9377f8b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Mon, 20 Jun 2022 16:58:09 GMT

GET
H2 200 2614165.js Show response
js.hs-banner.com/ Frame 340E 59 KB
16 KB 148ms
130ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2614165.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e769b83d38fa051743799cfbee001112098805cec951d31c3f1b2d175e859af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 0DFTA37XFB2MBQ3V
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: VL+DMsCbmZ5YlcwVgy56wX3GIjZC2mG8npnK2Qcb2gpH3iFL0Ezli78QJcIU5/y0tGYLuoxNlMU=
timing-allow-origin: *
last-modified: Fri, 27 May 2022 15:37:17 GMT
server: cloudflare
etag: W/"71167c3df810ac9e1c989351df324035"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: oFi_Vrl2p.kHiz2Sj95zyjZ1ED9t0ISZ
access-control-allow-origin: https://www.zeffy.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 71e604ddcb3d90a0-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 20 Jun 2022 16:58:09 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ Frame 340E 72 KB
21 KB 48ms
26ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4e00320cfc724fde175314d7d9970ced29cc4967ec09288cc6291716e13209c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
via: 1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 551
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10231/bundles/project.js&cfRay=71e5f767f92a9bfe-EWR
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 13 Jun 2022 04:26:28 UTC
server: cloudflare
etag: W/"d0b8bb93285841cdfb13313435e2d467"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: vc1SRxdlKcOgNfVcksJ2KUyWlsnYWj5h
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 71e604ddc8589bee-FRA
x-amz-cf-id: MAPjiW6xckQLW1YvSTH9chg7ZHdwi9_bEcALF43tbuB1TMgGe7mzCg==
x-hs-target-asset: conversations-embed/static-1.10231/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ Frame 340E 5 KB
3 KB 43ms
17ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f77149b1beed108b3d3ad88b9170a8a27e1c6eedb0ed30c698492b4586372d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
via: 1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 565
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.280/bundles/pixels-release.js&cfRay=71e5f7102ffe91d7-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 23 May 2022 07:52:59 UTC
server: cloudflare
etag: W/"b2851680cfd5ddf0808f77f92bc6969d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: LETuWsZMnftQGCDTSmAdJHQ8_upu6cZ6
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 71e604ddcf999238-FRA
x-amz-cf-id: 4SJgNn-w_uOXCs-0YxMtABb7GOMx5cUMGfglQR7O_W1MnncakcX6QA==
x-hs-target-asset: adsscriptloaderstatic/static-1.280/bundles/pixels-release.js

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 340E 100 KB
27 KB 30ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: UrR3i6qTGDepjVdXWd6kM4jVmogcggNjAIV26wisXILH93LG9vQ7Wc+smwIOS9/lYVhY8UKTDOOkKlsVxKGXIQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 20 Jun 2022 16:53:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
o563579.ingest.sentry.io/api/5703794/envelope/ Frame 340E 2 B
20 B 10ms
10ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o563579.ingest.sentry.io/api/5703794/envelope/?sentry_key=781fd8112e4243c1b089f1385fca29eb&sentry_version=7

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.zeffy.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H3 200 / Show response
o563579.ingest.sentry.io/api/5703794/envelope/ Frame 340E 2 B
20 B 9ms
9ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o563579.ingest.sentry.io/api/5703794/envelope/?sentry_key=781fd8112e4243c1b089f1385fca29eb&sentry_version=7

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.zeffy.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 340E 11 KB
11 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-CA/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 21:50:33 GMT
x-content-type-options: nosniff
age: 586956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 21:50:33 GMT

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 340E 33 B
1 KB 372ms
372ms Fetch
application/json 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

db73dc1a038bef8ce44879575d9bd22b5243619660e909978e0a27e52dd61b81

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
content-type: application/json

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-protected-by: Sqreen
vary: Origin
content-length: 33
x-xss-protection: 1; mode=block, 0
referrer-policy: no-referrer
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"21-Cj9H8NvW9LgcEaEklbO7UVoeo/k"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
access-control-allow-credentials: true
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;, default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-security-policy-report-only: child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_5c4bff8f1498cdd0af44b8e2486845eb

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 340E 102 B
1 KB 419ms
418ms Fetch
application/json 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

052260173e989705265304ace1b8d2ed07cc7490f6f44ce9b0fc17a66882466c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
content-type: application/json

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-protected-by: Sqreen
vary: Origin
content-length: 102
x-xss-protection: 1; mode=block, 0
referrer-policy: no-referrer
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"66-3nso55PjcdxTqm8Fr/B45QXdiOA"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
access-control-allow-credentials: true
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;, default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-security-policy-report-only: child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_5c4bff8f1498cdd0af44b8e2486845eb

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ Frame 340E 325 B
1 KB 174ms
157ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=2614165&conversations-embed=static-1.10231&mobile=false&messagesUtk=c05db4b0a18e4253a9bead6594dcc338&traceId=c05db4b0a18e4253a9bead6594dcc338&referrer=https%3A%2F%2Fwww.energyvsclimate.com%2Fdonate%2F

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

282523c63529a215ff45f76ca99031e604396f96d4186924e1877656d76860fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.zeffy.com/en-CA/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 8e95a443-f3bc-4d7a-809e-2459a5faf31c
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 260
server: cloudflare
x-trace: 2B71DAE8842458681051704A43873BA0C3C79E8FBB000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFOt7kWHKC2o79eikNOWzGbgj7RbHtImGvF%2B%2BaV%2BdZNkTSsEEJ4S1uHSDgN8ixKUL3WVvWnS2dWE3S62HoBRM%2BA%2BPQKsn9tfUn1vgdRkJX42W2ZHLl%2BTlkVewoUziUGXH9gbUpJrE3SMwPGqQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.zeffy.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 71e604e0a83b233d-ZRH
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H3 200 2904194103159151 Show response
connect.facebook.net/signals/config/ Frame 340E 288 KB
83 KB 403ms
394ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2904194103159151?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c0afb5bedce5932a6af587273b3b73bbd3b97a8d0de5031e43f563b20d62be42

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: frCvZaSd8PdKHs8Jd6rsUhPT+EZEWiKeGJ6gd4Eu4aXCqQOMXEsf/i61wEGuxJWJzVLtIRDPvp2wcHAjnIUHQQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 20 Jun 2022 16:53:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1655743989868
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 364ms
363ms Preflight 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
content-security-policy: upgrade-insecure-requests; default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-security-policy-report-only: child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_5c4bff8f1498cdd0af44b8e2486845eb
date: Mon, 20 Jun 2022 16:53:09 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
x-sucuri-id: 15008
x-xss-protection: 1; mode=block 0

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 370ms
370ms Preflight 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
content-security-policy: upgrade-insecure-requests; default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-security-policy-report-only: child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_5c4bff8f1498cdd0af44b8e2486845eb
date: Mon, 20 Jun 2022 16:53:09 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
x-sucuri-id: 15008
x-xss-protection: 1; mode=block 0

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 378ms
161ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.zeffy.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 71e604df8cb30219-ZRH
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 20 Jun 2022 16:53:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5hRevEtL9KIQijuD4LdSjSxt5dqIrNZoumw49gVe8nFKlH76z%2FVHKIfzGqOLZHokuxNgEi2Th41sRPLTt2DsqpHqxyx%2BOzpgbW8%2FLif%2FWBLOgkskb0ruAiCnAT9UYHWCPFdVH8lXZb0mlcRGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: defb03ba-b57b-4086-bebc-1a7e570652fa
x-trace: 2B5C69A04BC999D46702D5CC4D89804E815F51DB14000000000000000000

POST
H2 200 / Show response
api.amplitude.com/ Frame 340E 7 B
167 B 648ms
332ms XHR
text/html 52.35.20.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.20.198 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-20-198.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Jun 2022 16:53:10 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ Frame 340E 44 B
409 B 58ms
12ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2904194103159151&ev=PageView&dl=https%3A%2F%2Fwww.zeffy.com%2Fen-CA%2Fembed%2Fdonation-form%2F0fb97d1a-447c-457c-b1a9-f87f0f6ebf93%3Flng%3Den&rl=https%3A%2F%2Fwww.energyvsclimate.com%2Fdonate%2F&if=true&ts=1655743989904&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&it=1655743989468&coo=false&rqm=GET

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-CA/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 20 Jun 2022 16:53:09 GMT

GET
H2 200 sdk.js Show response
canny.io/ Frame 340E 93 KB
31 KB 47ms
13ms Script
application/javascript 2600:9000:2156:aa00:0:1a32:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://canny.io/sdk.js
Requested by: Host: www.zeffy.com
URL: https://www.zeffy.com/en/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:aa00:0:1a32:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86e672cc9523a8a1a6f2ef0b7aee5633bd37dae1d3aec4a69fcbdd42f3d1ecc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 22 May 2022 00:57:10 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 16:39:04 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:9db63afe12843fa090f76e1ad416c4b4
age: 2562961
etag: W/"9db63afe12843fa090f76e1ad416c4b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: eGxfidrLC7Nfy9vNLSWSWRlwRjgIhEUDgL_VfVZlBOSXGD_TA9vIJw==

GET
H2 200 m-outer-6262077c14f753400d607dc30e70f1af.html Show response
js.stripe.com/v3/ Frame 2B8F 240 B
225 B 11ms
10ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 857242
cache-control: max-age=31536000
content-encoding: br
content-length: 139
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 16:53:09 GMT
etag: "6262077c14f753400d607dc30e70f1af"
last-modified: Fri, 10 Jun 2022 18:43:47 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 246304
x-content-type-options: nosniff
x-request-id: 63a47da0-f21f-4cd5-b5f8-c9ee55e42f9b
x-served-by: cache-hhn4074-HHN

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ Frame 340E 206 B
953 B 204ms
171ms XHR
application/json 2606:4700::6811:c8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=2614165

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb754ad80921caa4ce8fa99ebf84ce88c1f8c9c1f4420a22ae43888e98b57727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 3f7261e3-3450-4ae2-a73c-4951c71b50b8
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B51D2845C55DA9659751CA297E98ED18DE6F75E51000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfEddF%2FWmMkIHFi34A6C5xkkOFBnCMkJ%2FgYfRBIuqM5yJqrjJddDX25axCkTxGJPA%2BuKihgJuD%2FqcmJsQ6OE3ejxluLD0jE2995w4eeP3W8C4trl1BF1XaZQC1D9WjpbyVwYNV56I68kpxvm"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.zeffy.com
access-control-allow-credentials: false
cf-ray: 71e604e18d159a2d-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ Frame 340E 45 B
965 B 188ms
145ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2153072566&v=1.1&a=2614165&rcu=https%3A%2F%2Fwww.zeffy.com%2Fembed%2Fdonation-form%2F0fb97d1a-447c-457c-b1a9-f87f0f6ebf93%3Flng%3Den&r=https%3A%2F%2Fwww.energyvsclimate.com%2Fdonate%2F&pu=https%3A%2F%2Fwww.zeffy.com%2Fen-CA%2Fembed%2Fdonation-form%2F0fb97d1a-447c-457c-b1a9-f87f0f6ebf93%3Flng%3Den&t=Energy+vs+Climate+Donation+Form&cts=1655743989972&vi=2c854b30588fb9d95b36c49323f07a17&nc=true&cc=15

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ad81b449-4739-440b-b8a1-7dae14275071
cf-ray: 71e604e1ae450208-ZRH
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QHqq1ZH%2FO%2FRD%2Bu%2FGMvIEfrqFSEBbsmGRvwnAhRit7RCW9ZNJtfFhQOy%2FOua4ZYcqHYcAhPEjHlrfaOKsIPNxu6tjQYSzIUnS0tGY3WYbeoyThD7DDTPukDjTwiJxEDWo0Ss46oNKh5uzWrgdaZA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

POST
H2 200 csp-report
q.stripe.com/ Frame 2B8F 0
570 B 157ms
157ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2B8F 1 KB
951 B 29ms
29ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 9
x-cache: HIT
content-length: 670
etag: "77711798ecf99b8bb8207cf88a10d73c"
x-request-id: 29409879-4924-4454-ae08-0174db232f64
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Fri, 10 Jun 2022 18:43:57 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12

GET
H2 200 inner.html Show response
m.stripe.network/ Frame FA9F 930 B
2 KB 9ms
9ms Document
text/html 143.204.89.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-96.fra50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 199
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 16:49:53 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
x-amz-cf-id: EJLhk7y9az3UWNaWYUVO4zwhIMW37dOlArRi2PteX52DymVM7HXrhQ==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame FA9F 0
344 B 156ms
156ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 16:53:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame FA9F 86 KB
14 KB 31ms
31ms Script
text/javascript 143.204.89.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-96.fra50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
age: 278
date: Mon, 20 Jun 2022 16:48:38 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0zseeIsGcYGOeBiJK1_MWGjnPXQ0tlJ-BNpR4K2BUUztptMaKHFYDA==
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"

POST
H2 200 6 Show response
m.stripe.com/ Frame FA9F 156 B
522 B 472ms
161ms XHR
application/json 52.38.14.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.38.14.160 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-160.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5fb66c9cb56619470be63d8d4b333d68c99d6afc181f00576847d1cf30bef75c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 controller-d76978d462b4fd179a04a883aede01c2.html Show response
js.stripe.com/v3/ Frame 5158 349 B
630 B 15ms
14ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-d76978d462b4fd179a04a883aede01c2.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

363d8bd94c1621d67277d539a7778ed011bc634c7eb867c0e50e50243c2f8661

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 56
cache-control: max-age=60
content-encoding: br
content-length: 167
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 16:53:10 GMT
etag: "d76978d462b4fd179a04a883aede01c2"
last-modified: Fri, 17 Jun 2022 17:47:43 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 15
x-content-type-options: nosniff
x-request-id: 54393290-fa7d-41d0-ad32-871962c0f483
x-served-by: cache-hhn4074-HHN

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 100ms
100ms Preflight 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
content-security-policy: upgrade-insecure-requests; default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-security-policy-report-only: child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_5c4bff8f1498cdd0af44b8e2486845eb
date: Mon, 20 Jun 2022 16:53:09 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
x-sucuri-id: 15008
x-xss-protection: 1; mode=block 0

GET
H2 200 5152.220d9ac0bbb690f4.js Show response
www.zeffy.com/_next/static/chunks/ Frame 340E 2 KB
1 KB 8ms
8ms Script
application/javascript 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/5152.220d9ac0bbb690f4.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/webpack-e3e625e8916b30b6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

e14fe37164f7c45dec9aa50f605ae8963b2dcc04db4aefdafc028e479b77cfb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-CA/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:27:18 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"757-1816ce94d70"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 340E 109 B
1 KB 111ms
110ms Fetch
application/json 192.124.249.8
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.8 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10008.sucuri.net

Software

nginx /

Resource Hash

2553afa3ceb50e7adf833fa0629d1a50ad5a2946407f6bf0102c888a464b1de0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
content-type: application/json

Response headers

date: Mon, 20 Jun 2022 16:53:09 GMT
via: 1.1 vegur
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-protected-by: Sqreen
vary: Origin
content-length: 109
x-xss-protection: 1; mode=block, 0
referrer-policy: no-referrer
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: W/"6d-iUAuJ5Z1/QdsTu3XAxULrR/BalM"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
access-control-allow-credentials: true
x-sucuri-id: 15008
content-security-policy: upgrade-insecure-requests;, default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-security-policy-report-only: child-src 'self'; connect-src 'self'; default-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'; prefetch-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/csp_5c4bff8f1498cdd0af44b8e2486845eb

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 340E 884 B
996 B 42ms
20ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdrcLYUAAAAAEIDf-hPAsRNvk5txiRVYGpOC9CH

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/7263-74c6de62adfb2793.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a8501e897057a0f18eb74544337577c3d1a3971db7de2979ff1ebe5209b52766

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Mon, 20 Jun 2022 16:53:10 GMT

GET
H2 200 payment-request-inner-google-pay-f9e4124d633d5a7989ead5f2d44e283d.html Show response
js.stripe.com/v3/ Frame B79F 434 B
569 B 6ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-f9e4124d633d5a7989ead5f2d44e283d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b50c90286dd30854243d02cec95da76b4810d0818d4f2467e953827d51eadf2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 59
cache-control: max-age=60
content-encoding: br
content-length: 198
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 16:53:10 GMT
etag: "f9e4124d633d5a7989ead5f2d44e283d"
last-modified: Fri, 17 Jun 2022 17:47:43 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 42508a8a-4e3c-4eb2-b794-da111393de55
x-served-by: cache-hhn4074-HHN

GET
H2 200 payment-request-inner-browser-1a116b117a50c01aa5dbb20fb493381d.html Show response
js.stripe.com/v3/ Frame 720D 370 B
606 B 9ms
9ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-1a116b117a50c01aa5dbb20fb493381d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

681ca6982c3ac70efe46cef7a09f684b2a8706ba94edd8ac8a3d6235ad683881

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1
cache-control: max-age=60
content-encoding: br
content-length: 180
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 16:53:10 GMT
etag: "1a116b117a50c01aa5dbb20fb493381d"
last-modified: Fri, 17 Jun 2022 17:47:43 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 8b3ec8de-6da0-4d2a-8872-1438ab799475
x-served-by: cache-hhn4074-HHN

GET
DATA 200
OK truncated
/ Frame 340E 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 340E 8 KB
8 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 16:53:10 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 340E 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:27:06 GMT
x-content-type-options: nosniff
age: 23164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11072
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 10:27:06 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 340E 11 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 10:30:52 GMT
x-content-type-options: nosniff
age: 22938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11040
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 10:30:52 GMT

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 340E 8 KB
8 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 422890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 19:25:00 GMT

GET
H2 200 elements-inner-card-a89768ded68375bcdf42a107f819d676.html Show response
js.stripe.com/v3/ Frame 5100 807 B
927 B 7ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-a89768ded68375bcdf42a107f819d676.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b04238981f892a02cf4ffabed9c53ff9f12937a27377e7e3de67c235c639742f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 255789
cache-control: max-age=31536000
content-encoding: br
content-length: 308
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 20 Jun 2022 16:53:10 GMT
etag: "a89768ded68375bcdf42a107f819d676"
last-modified: Fri, 17 Jun 2022 17:47:16 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 10133
x-content-type-options: nosniff
x-request-id: e029e224-e6bc-47b6-a1e7-561aee50265d
x-served-by: cache-hhn4074-HHN

GET
H3 200 KFOmCnqEu92Fr1Me5g.woff
fonts.gstatic.com/s/roboto/v30/ Frame 340E 64 KB
64 KB 8ms
8ms Font
font/woff 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Me5g.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41533d5c6eab361631aa3cf8bf7b8a2e6babfcc42a1aa950b2b0cd80c109b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 14:43:07 GMT
x-content-type-options: nosniff
age: 7803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65456
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 14:43:07 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 340E 108 KB
42 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-812495571

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84a8b53575e4ef846f2661f0e5e06a2b4d8dc303b927c590e3ec0a586e35570e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43330
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Jun 2022 16:53:10 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 340E 108 KB
42 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-812495571&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R2KF2P6FSZ&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54106c31540df33271a401ced5ab7cfcbc7cdc5b7eb81eb0422701c358a6ae07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43352
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Jun 2022 16:53:10 GMT

GET insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 340E 0
0

POST
H2 200 csp-report
q.stripe.com/ Frame 5158 0
570 B 157ms
157ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B79F 0
570 B 158ms
158ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 720D 0
570 B 156ms
156ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 5100 0
570 B 159ms
159ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 zeffy-formerlysimplyk-horizontal.svg
www.zeffy.com/images/ Frame 340E 9 KB
5 KB 8ms
7ms Image
image/svg+xml 192.124.249.19
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zeffy.com/images/zeffy-formerlysimplyk-horizontal.svg?w=153&q=75

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.19 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10019.sucuri.net

Software

nginx /

Resource Hash

796861e0008bcf62b3ac25369bc9bcf683d7b187a501b516cace7f44b1027efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-CA/embed/donation-form/0fb97d1a-447c-457c-b1a9-f87f0f6ebf93?lng=en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-sucuri-cache: HIT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jun 2022 14:07:29 GMT
server: nginx
x-frame-options: ALLOWALL
etag: W/"2598-1816cd728e8"
strict-transport-security: max-age=63072000
content-type: image/svg+xml
via: 1.1 vegur
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shared-27a69b77022779173f97d52b8ac04d52.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5158 219 KB
55 KB 9ms
7ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d76978d462b4fd179a04a883aede01c2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d98dd2dc353b516b5a144868dedfbc63d4a58ccba93fdc0faeec8845a4f7e8ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-d76978d462b4fd179a04a883aede01c2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 51
x-cache: HIT
content-length: 55630
etag: "7ea8860bf72704121ed995efdf5124ce"
x-request-id: c7998a4e-fb73-41bd-bdd3-406e16db976c
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 17:47:24 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12

GET
H2 200 controller-73b52d5a818083b1784fa838e0987991.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5158 390 KB
95 KB 9ms
7ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-73b52d5a818083b1784fa838e0987991.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d76978d462b4fd179a04a883aede01c2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9a2385436a9b66bcca89b0dd4b333ed7c19986487d63c2afaa905cf31f536609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-d76978d462b4fd179a04a883aede01c2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 58
x-cache: HIT
content-length: 97157
etag: "8df8778c7ae1ba76625121508075b6de"
x-request-id: 03e3cbf6-0a19-4975-b149-f59663dff14a
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 17:47:27 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame B79F 95 KB
31 KB 139ms
77ms Script
application/javascript 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-f9e4124d633d5a7989ead5f2d44e283d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8146c50a286b47be9961a985d0e7fa575219923863c987594e54959b0db4c69e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-dftIKlbmb3-SjUVnCCQEsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-dftIKlbmb3-SjUVnCCQEsw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-dftIKlbmb3-SjUVnCCQEsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-dftIKlbmb3-SjUVnCCQEsw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
expires: Mon, 20 Jun 2022 16:53:10 GMT

GET
H2 200 shared-27a69b77022779173f97d52b8ac04d52.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B79F 219 KB
55 KB 16ms
14ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-f9e4124d633d5a7989ead5f2d44e283d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d98dd2dc353b516b5a144868dedfbc63d4a58ccba93fdc0faeec8845a4f7e8ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-f9e4124d633d5a7989ead5f2d44e283d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 51
x-cache: HIT
content-length: 55630
etag: "7ea8860bf72704121ed995efdf5124ce"
x-request-id: af21bdb0-4c71-4978-8437-6c7e6e34e7f3
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 17:47:24 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14

GET
H2 200 payment-request-inner-google-pay-3490f99893a31f72004c913e494d1a51.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B79F 13 KB
5 KB 22ms
20ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-3490f99893a31f72004c913e494d1a51.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-f9e4124d633d5a7989ead5f2d44e283d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ff2d760b794858017b7290b971b5b8ef731828ad13c2004f2f2923b3fe902f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-f9e4124d633d5a7989ead5f2d44e283d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 34
x-cache: HIT
content-length: 4492
etag: "9da7fffb4ad96dd4772b1c9428eb4d9c"
x-request-id: ee95ece3-8e07-48bc-8f79-0a67b2d1b4f5
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Wed, 15 Jun 2022 20:17:44 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 shared-27a69b77022779173f97d52b8ac04d52.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 720D 219 KB
54 KB 9ms
7ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-1a116b117a50c01aa5dbb20fb493381d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d98dd2dc353b516b5a144868dedfbc63d4a58ccba93fdc0faeec8845a4f7e8ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-1a116b117a50c01aa5dbb20fb493381d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 51
x-cache: HIT
content-length: 55630
etag: "7ea8860bf72704121ed995efdf5124ce"
x-request-id: b07e4a1c-89ae-4ce2-82c6-ad4a5333218b
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 17:47:24 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13

GET
H2 200 payment-request-inner-browser-5c3b4caee3e7868b516a18a97609526b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 720D 11 KB
4 KB 21ms
20ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-5c3b4caee3e7868b516a18a97609526b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-1a116b117a50c01aa5dbb20fb493381d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

af3bdc601c01a1ffd74cd4bd290dfd14ad458c651e9bd761da7920ab6b31f054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-1a116b117a50c01aa5dbb20fb493381d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 48
x-cache: HIT
content-length: 4091
etag: "d1d694239ccd0410ebbc702f7fb0dd46"
x-request-id: 6d0ae107-a87b-444f-9b98-886bed2d3b58
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Wed, 15 Jun 2022 20:17:29 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 ui-shared-dcc7704820e24909c78df35eed5aea96.css
js.stripe.com/v3/fingerprinted/css/ Frame 5100 18 KB
3 KB 15ms
13ms Stylesheet
text/css 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-dcc7704820e24909c78df35eed5aea96.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a89768ded68375bcdf42a107f819d676.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

49f542f6b15c29f0dad8a9982664eac92652cd51da8e8592f8ecbaa7a3dff9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-a89768ded68375bcdf42a107f819d676.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 21
x-cache: HIT
content-length: 2691
etag: "d8a33a9503618fb1361fd34772563167"
x-request-id: 82c42d2a-886a-4a12-a5df-c144877d4170
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Fri, 10 Jun 2022 18:43:48 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:10 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
js.stripe.com/v3/fingerprinted/css/ Frame 5100 5 KB
1 KB 16ms
15ms Stylesheet
text/css 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a89768ded68375bcdf42a107f819d676.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-a89768ded68375bcdf42a107f819d676.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 35
x-cache: HIT
content-length: 893
etag: "0de3030d19b9e3517790795cb6ccc87d"
x-request-id: 4de884bf-251e-49f3-b112-19eed0300147
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:10 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 shared-27a69b77022779173f97d52b8ac04d52.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5100 219 KB
54 KB 18ms
17ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a89768ded68375bcdf42a107f819d676.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d98dd2dc353b516b5a144868dedfbc63d4a58ccba93fdc0faeec8845a4f7e8ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-a89768ded68375bcdf42a107f819d676.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 51
x-cache: HIT
content-length: 55630
etag: "7ea8860bf72704121ed995efdf5124ce"
x-request-id: 58481585-a134-4a35-b02b-915558cd85f5
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 17:47:24 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15

GET
H2 200 ui-shared-9dc40390df3aeec4aef388bc7e32d06b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5100 214 KB
61 KB 17ms
16ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-9dc40390df3aeec4aef388bc7e32d06b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a89768ded68375bcdf42a107f819d676.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

aa966d14d5e31f62d152301cc6dee961f94171d2eae54b77216f31b68207d775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-a89768ded68375bcdf42a107f819d676.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 35
x-cache: HIT
content-length: 62231
etag: "90b2fd10a40deca5815600b5f8d90fa6"
x-request-id: c86eb6dc-d41f-4661-8a94-cd14d7b80d86
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Wed, 15 Jun 2022 20:17:23 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 elements-inner-card-9adaca75c873040fe191ef23246372b6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5100 47 KB
12 KB 16ms
16ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-9adaca75c873040fe191ef23246372b6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a89768ded68375bcdf42a107f819d676.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

703a0d2d286674489fe257551ad01817353e8f6275dcdd0535e9cb5092cbe55a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-a89768ded68375bcdf42a107f819d676.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 57
x-cache: HIT
content-length: 11764
etag: "a32f56b16dc575ba1caa6bbc29988c6a"
x-request-id: 1976cb72-aca8-49d4-a198-af7b2c64cea3
x-served-by: cache-hhn4074-HHN
access-control-allow-origin: *
last-modified: Wed, 15 Jun 2022 20:17:33 GMT
server: Fastly
date: Mon, 20 Jun 2022 16:53:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k.woff
fonts.gstatic.com/s/opensans/v29/ Frame 340E 69 KB
69 KB 16ms
15ms Font
font/woff 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4k.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82a8e0e7680644103491c61687d900ccef00ffe78e3a29d9464ae7424069537b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 17:57:44 GMT
x-content-type-options: nosniff
age: 600926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70856
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 17:57:44 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 340E 39 KB
15 KB 73ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-812495571&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 6069194915506431635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 16:53:10 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 340E 366 KB
145 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdrcLYUAAAAAEIDf-hPAsRNvk5txiRVYGpOC9CH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 16:44:31 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 168ms
160ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 / Show response
api.amplitude.com/ Frame 340E 7 B
167 B 337ms
178ms XHR
text/html 52.35.20.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.20.198 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-20-198.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Jun 2022 16:53:10 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 162ms
159ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 162ms
159ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 164ms
160ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 162ms
158ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 237ms
234ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 239ms
235ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 239ms
236ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 237ms
234ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 242ms
239ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 242ms
239ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 243ms
240ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 241ms
239ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 314ms
312ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 312ms
310ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 312ms
310ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 313ms
313ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 311ms
311ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 296ms
296ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 293ms
293ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/812495571/ Frame 340E 2 KB
2 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812495571/?random=1655743990573&cv=9&fst=1655743990573&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.zeffy.com%2Fen-CA%2Fembed%2Fdonation-form%2F0fb97d1a-447c-457c-b1a9-f87f0f6ebf93%3Flng%3Den&ref=https%3A%2F%2Fwww.energyvsclimate.com%2Fdonate%2F&tiba=Energy%20vs%20Climate%20Donation%20Form&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad67948a6fdfa2c8bcc875ae86759ea0ef8933d9d01b5faabe1ae83f43f8897f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9B0B 41 KB
21 KB 46ms
30ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdrcLYUAAAAAEIDf-hPAsRNvk5txiRVYGpOC9CH&co=aHR0cHM6Ly93d3cuemVmZnkuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=rwnfdwut341

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a1dfcda7c1e105f6af18139ca564702cc9afc81a32d3f1e05126f9675e11a4dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vuF5w0MQl-wU_a_2xeS9tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21899
content-security-policy: script-src 'report-sample' 'nonce-vuF5w0MQl-wU_a_2xeS9tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Jun 2022 16:53:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 238ms
238ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame E018 18 KB
7 KB 106ms
70ms Document
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

222c5e56cff46a5fc6b2a4f723519495e0683c96e9271bf5006218893927956c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KvDtFwY4hRgk9lf45isx0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-KvDtFwY4hRgk9lf45isx0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KvDtFwY4hRgk9lf45isx0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-KvDtFwY4hRgk9lf45isx0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 20 Jun 2022 16:53:10 GMT
expires: Mon, 20 Jun 2022 16:53:10 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/812495571/ Frame 340E 42 B
64 B 27ms
27ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/812495571/?random=1655743990573&cv=9&fst=1655740800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.zeffy.com%2Fen-CA%2Fembed%2Fdonation-form%2F0fb97d1a-447c-457c-b1a9-f87f0f6ebf93%3Flng%3Den&ref=https%3A%2F%2Fwww.energyvsclimate.com%2Fdonate%2F&tiba=Energy%20vs%20Climate%20Donation%20Form&async=1&fmt=3&is_vtc=1&random=1270267830&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 16:53:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/812495571/ Frame 340E 42 B
548 B 45ms
22ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/812495571/?random=1655743990573&cv=9&fst=1655740800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.zeffy.com%2Fen-CA%2Fembed%2Fdonation-form%2F0fb97d1a-447c-457c-b1a9-f87f0f6ebf93%3Flng%3Den&ref=https%3A%2F%2Fwww.energyvsclimate.com%2Fdonate%2F&tiba=Energy%20vs%20Climate%20Donation%20Form&async=1&fmt=3&is_vtc=1&random=1270267830&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Jun 2022 16:53:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 9B0B 51 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdrcLYUAAAAAEIDf-hPAsRNvk5txiRVYGpOC9CH&co=aHR0cHM6Ly93d3cuemVmZnkuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=rwnfdwut341

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 16:16:18 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 9B0B 366 KB
145 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 16:44:31 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9B0B 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 510802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 21 Jun 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9B0B 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 538505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Jun 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9B0B 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 510802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Jun 2023 18:59:48 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame E018 2 KB
2 KB 19ms
18ms Other
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.energyvsclimate.com
URL: https://www.energyvsclimate.com/donate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9B0B 102 B
132 B 16ms
15ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdrcLYUAAAAAEIDf-hPAsRNvk5txiRVYGpOC9CH&co=aHR0cHM6Ly93d3cuemVmZnkuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=rwnfdwut341
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Mon, 20 Jun 2022 16:53:10 GMT

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn... Frame E018 151 KB
53 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1093608ce254810bffa4e3d2c609e8556428fa02440bb9dc0f571bcf64f81fd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 16:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54090
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 04:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 16:21:27 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.A6W... Frame E018 78 KB
28 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.A6WTCXOsUL0.L.B1.O/am=BwAB/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjPPrSJhe0tPZgKjBLL_cmO5uTR8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cccffb735d4d60bde339514eecf6bb0a28ba612bda188efa6a4138de9f6541d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 16:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29059
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 01:25:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 16:21:30 GMT

POST
H2 200 / Show response
api.amplitude.com/ Frame 340E 7 B
167 B 171ms
171ms XHR
text/html 52.35.20.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-c306d58b552c8d3f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.20.198 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-20-198.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 20 Jun 2022 16:53:10 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame E018 49 KB
20 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.A6WTCXOsUL0.L.B1.O/am=BwAB/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjPPrSJhe0tPZgKjBLL_cmO5uTR8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6501
date: Mon, 20 Jun 2022 15:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 20 Jun 2022 17:04:49 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame E018 1 MB
348 KB 75ms
75ms XHR
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea97379b7f7ccb552276b50290d02deb9890894c58c340f7fbc9fbed7465dd80

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-cevei0bGLeNr9s-ocYe3Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-cevei0bGLeNr9s-ocYe3Qg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Mon, 20 Jun 2022 16:53:10 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-cevei0bGLeNr9s-ocYe3Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-cevei0bGLeNr9s-ocYe3Qg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Mon, 20 Jun 2022 16:53:10 GMT

POST
H3 200 log Show response
play.google.com/ Frame E018 131 B
155 B 37ms
22ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 20 Jun 2022 16:53:10 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 38ms
15ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 20 Jun 2022 16:53:10 GMT
expires: Mon, 20 Jun 2022 16:53:10 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame E018 131 B
155 B 29ms
16ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 20 Jun 2022 16:53:10 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 35ms
16ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 20 Jun 2022 16:53:10 GMT
expires: Mon, 20 Jun 2022 16:53:10 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame E018 131 B
155 B 34ms
18ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 20 Jun 2022 16:53:10 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 29ms
14ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 20 Jun 2022 16:53:10 GMT
expires: Mon, 20 Jun 2022 16:53:10 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame E018 131 B
155 B 37ms
24ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 20 Jun 2022 16:53:10 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 25ms
16ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 20 Jun 2022 16:53:10 GMT
expires: Mon, 20 Jun 2022 16:53:10 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame E018 131 B
155 B 30ms
18ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 20 Jun 2022 16:53:10 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 14ms
14ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 20 Jun 2022 16:53:10 GMT
expires: Mon, 20 Jun 2022 16:53:10 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.A6W... Frame E018 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.A6WTCXOsUL0.L.B1.O/am=BwAB/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjPPrSJhe0tPZgKjBLL_cmO5uTR8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a4527958dc5d1b07ffc3821ca3357b6ab42fc78976b8bb88fe6b961a1a003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 16:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7231
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 01:25:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 16:21:31 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.A6W... Frame E018 37 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.A6WTCXOsUL0.L.B1.O/am=BwAB/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjPPrSJhe0tPZgKjBLL_cmO5uTR8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72474285eda37d58cff00697d47a38191d7114a3eb2efdaad2677b813a46d96d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 16:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14168
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 01:25:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 16:21:31 GMT

POST
H3 200 log Show response
play.google.com/ Frame E018 131 B
155 B 17ms
17ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 16:53:11 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 20 Jun 2022 16:53:11 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 30ms
15ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 20 Jun 2022 16:53:10 GMT
expires: Mon, 20 Jun 2022 16:53:10 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 159ms
159ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:11 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 158ms
158ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:11 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 159ms
159ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:11 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 158ms
158ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:11 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 200 log Show response
play.google.com/ Frame E018 131 B
155 B 24ms
23ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Jun 2022 16:53:10 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 20 Jun 2022 16:53:10 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 5158 0
127 B 160ms
159ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-27a69b77022779173f97d52b8ac04d52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Mon, 20 Jun 2022 16:53:11 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.energyvsclimate.com/	1970-01-20 21:26:55	Name: _ga_XF3CGR69RV Value: GS1.1.1655743988.1.0.1655743988.0
.energyvsclimate.com/	1970-01-20 21:26:55	Name: _ga Value: GA1.2.748385150.1655743988
.energyvsclimate.com/	1970-01-20 03:57:10	Name: _gid Value: GA1.2.914429222.1655743988
.energyvsclimate.com/	1970-01-20 03:55:44	Name: _gat_gtag_UA_180476218_2 Value: 1
m.stripe.com/	1970-01-20 21:26:55	Name: m Value: c0fa3910-b1e8-4d5a-8d29-61ecf2286e3c81b8cb
.www.energyvsclimate.com/	1970-01-20 12:41:19	Name: __stripe_mid Value: 22b1c407-6807-47c5-af7e-7b7d1ccb10364c4268
.www.energyvsclimate.com/	1970-01-20 03:55:45	Name: __stripe_sid Value: 72a018bf-26be-4947-b17d-bc2e8ab01f39c49a8c
.facebook.com/	1970-01-20 06:05:19	Name: fr Value: 0VfZ4Qd85IbQTS3eP..BisKX1...1.0.BisKX1.
.hubspot.com/	1970-01-20 03:55:45	Name: __cf_bm Value: huAdZPdppUxtCxi43hXhKq0Bu8l42ZgAY8e.xgcl37U-1655743990-0-AZFDFlpgZmoKCvLFrh+6D+T16f11fTL7FegCa4WrnmwMMXUfzJ7tFPO4jIyXIp4S3SOM02a6AM64JSgZ84bc/Kg=
.google.com/	1970-01-20 08:19:15	Name: NID Value: 511=ZWZuOovc7bh_mB1P2gux8-6dfFvkZtz-jBADvCw0cBxw4d3QqV3ykiIw55JR0bNpAEzF5lK13ruvCta0uSMQa8Jm1H325Wlh3qE6GLBgzXHd4ClTiaG2QIyk5Hrols7rDctNOwCVMufMOfm_yA8VvsEpt2zz9UO3j0keKOqdyg8
.doubleclick.net/	1970-01-20 03:55:44	Name: test_cookie Value: CheckForPermission

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK(Line 42) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' https://api.crowdhandler.com https://cdn.polyfill.io https://.sentry.io https://www.google.com https://js.stripe.com https://api.stripe.com https://checkout.stripe.com https://dashboard.stripe.com https://files.stripe.com https://m.stripe.com https://m.stripe.network https://q.stripe.com https://verify.stripe.com https://stripe.com https://connect.stripe.com https://www.gstatic.com https://www.google-analytics.com https://www.googletagmanager.com https://.sharethis.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.usemessages.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.googleapis.com https://.ngrok.io https://.facebook.com https://.facebook.net https://script.hotjar.com https://*.pendo.io https://canny.io 'nonce-eEcMtXBOFm68o/faYI6Q4R2PXxqILxA3vdMeQt8cnj4='". Either the 'unsafe-inline' keyword, a hash ('sha256-XOzRZC6c8jHkdUj2vnqqJ6PpxODVECoFIELXWwDidQI='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK(Line 42) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' https://api.crowdhandler.com https://cdn.polyfill.io https://.sentry.io https://www.google.com https://js.stripe.com https://api.stripe.com https://checkout.stripe.com https://dashboard.stripe.com https://files.stripe.com https://m.stripe.com https://m.stripe.network https://q.stripe.com https://verify.stripe.com https://stripe.com https://connect.stripe.com https://www.gstatic.com https://www.google-analytics.com https://www.googletagmanager.com https://.sharethis.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.usemessages.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.googleapis.com https://.ngrok.io https://.facebook.com https://.facebook.net https://script.hotjar.com https://*.pendo.io https://canny.io 'nonce-eEcMtXBOFm68o/faYI6Q4R2PXxqILxA3vdMeQt8cnj4='". Either the 'unsafe-inline' keyword, a hash ('sha256-4b0V+r4LrGvLSNdatvXvxopSj5HxrftkoLWU3hHbnDI='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://js.hsadspixel.net/fb.js Message: Refused to load the script 'https://snap.licdn.com/li.lms-analytics/insight.min.js' because it violates the following Content Security Policy directive: "script-src 'self' https://api.crowdhandler.com https://cdn.polyfill.io https://.sentry.io https://www.google.com https://js.stripe.com https://api.stripe.com https://checkout.stripe.com https://dashboard.stripe.com https://files.stripe.com https://m.stripe.com https://m.stripe.network https://q.stripe.com https://verify.stripe.com https://stripe.com https://connect.stripe.com https://www.gstatic.com https://www.google-analytics.com https://www.googletagmanager.com https://.sharethis.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.usemessages.com https://js.hsadspixel.net https://js.hscollectedforms.net https://.googleapis.com https://.ngrok.io https://.facebook.com https://.facebook.net https://script.hotjar.com https://*.pendo.io https://canny.io 'nonce-eEcMtXBOFm68o/faYI6Q4R2PXxqILxA3vdMeQt8cnj4='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/ Message: Refused to send form data to 'https://www.facebook.com/tr/' because it violates the following Content Security Policy directive: "form-action 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
api.hubapi.com
api.hubspot.com
api.zeffy.com
app.simplyk.io
canny.io
cdn.polyfill.io
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.stripe.com
js.usemessages.com
m.stripe.com
m.stripe.network
o563579.ingest.sentry.io
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
region1.google-analytics.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
track.hubspot.com
unpkg.com
vars.hotjar.com
www.energyvsclimate.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.zeffy.com
snap.licdn.com
142.250.184.226
143.204.89.12
143.204.89.26
143.204.89.5
143.204.89.96
151.101.64.176
192.124.249.19
192.124.249.8
2001:4860:4802:34::36
2600:9000:2156:aa00:0:1a32:efc0:93a1
2606:4700:4400::ac40:9a55
2606:4700::6810:7daf
2606:4700::6811:43b0
2606:4700::6811:74b0
2606:4700::6811:c8cc
2606:4700::6811:d6cc
2606:4700::6811:efcc
2606:4700::6813:9a53
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::5c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:600::282
2a04:4e42:600::775
34.120.195.249
52.35.20.198
52.38.14.160
54.187.119.242
54.209.91.188
052260173e989705265304ace1b8d2ed07cc7490f6f44ce9b0fc17a66882466c
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
0d35cc16e5bfb37be5954519a7bd582b6b698f262fee91321586166bb8e2d222
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
1009f10b41504566368096ab63a2dd02a44088a922c2f0e8a9b81f34af19b106
1093608ce254810bffa4e3d2c609e8556428fa02440bb9dc0f571bcf64f81fd5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1564a8a6cf05ed642391a6c4fa766057898eeaa1bc8eec9ae5c6b65c9ba9a8ec
1b5a8b19aeaa51aaa8d917a8a29c13a4f610ea781f7e18ae91d5bdc1953ac64c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f72c858c902661982ea707d99315bd23301fff5749d8254e8c6aabd709805ef
222c5e56cff46a5fc6b2a4f723519495e0683c96e9271bf5006218893927956c
234cca19dbef6d8c969d5c4d8298a33d52ff6d2bbe7874d2cb1d148ff838b595
2553afa3ceb50e7adf833fa0629d1a50ad5a2946407f6bf0102c888a464b1de0
2666d732859d48f58e762ba70b38e4cbd8c7ab2a40caef13803d292d27fb3758
2775ed0dbf1a5f1d8f099f232189995a70267b49c1c4baf5702df7a043643ae7
282523c63529a215ff45f76ca99031e604396f96d4186924e1877656d76860fa
29cdb8b797c49a117de8393feb87c7103f6107900083f820e6a88de56adacce6
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
33acb8492773bdfe6b4f852eaaa7251b2797f682112e20985b3317c297a87111
363d8bd94c1621d67277d539a7778ed011bc634c7eb867c0e50e50243c2f8661
3685691fa45d43357d417d8a286ec15c661357e482c2c744c9a48929ded728a1
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
36f994fa4fed4c327e91a344a97748cb3f88173748402b036b1b4347f230dbc7
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43a8ddba9b8a681b8c99e2d223c9292279b620ea14df51e0bec53bb48457d4d9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
488a016bdc3a7e55a21b3b723e43a9a9fcea36f816f58148935d7f9fbcf0367f
48d0f70dbc3819e9f027c19d497b3a255cee5c88bf9d3ebc3fe00a18dd14986a
49f542f6b15c29f0dad8a9982664eac92652cd51da8e8592f8ecbaa7a3dff9ad
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
539f866ed739cbb23c18ad9dd8524c853217e02e5c0682ef0491b31f0d3ecd3c
54106c31540df33271a401ced5ab7cfcbc7cdc5b7eb81eb0422701c358a6ae07
5418158e0c93460a41edb078ab298ed1a08b0b8a3dae2b3d7a56463bfb970f50
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fb66c9cb56619470be63d8d4b333d68c99d6afc181f00576847d1cf30bef75c
60f5cb73ac37ba1410ef665f59aad06fdf3e2634bdc7b0636c150c8abdef3c22
67c30849edb57d7859cfaefc9bce19b22469dfaeb789d89fc8e65135551a871c
681ca6982c3ac70efe46cef7a09f684b2a8706ba94edd8ac8a3d6235ad683881
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e2160c46150e3bf623b4f25272a6d890952b23dd88c91e0feebe11c1beb8546
703a0d2d286674489fe257551ad01817353e8f6275dcdd0535e9cb5092cbe55a
7129fdab432da9a1c7b44879382df2ef8af668e03cde85e61e8f270d737c7bd1
72474285eda37d58cff00697d47a38191d7114a3eb2efdaad2677b813a46d96d
796861e0008bcf62b3ac25369bc9bcf683d7b187a501b516cace7f44b1027efd
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
79a9e0acacd93ec7f298e26059f5f15961224b36ce6190d627ecc0fe21429003
7f77149b1beed108b3d3ad88b9170a8a27e1c6eedb0ed30c698492b4586372d3
8146c50a286b47be9961a985d0e7fa575219923863c987594e54959b0db4c69e
82a8e0e7680644103491c61687d900ccef00ffe78e3a29d9464ae7424069537b
84a8b53575e4ef846f2661f0e5e06a2b4d8dc303b927c590e3ec0a586e35570e
857dcf021006f18df5e72e87501221d5b2f40c7f99c23ef75fa582cca9b49900
8594072dcdae399acb7d8fc3df6e756bc1397c1eae4e1a38d0e65348ceae26f2
86e672cc9523a8a1a6f2ef0b7aee5633bd37dae1d3aec4a69fcbdd42f3d1ecc8
876be3ca435800a192c07d6e93d2c6a21b5e5e471941ceb7d7ebc2217860cde5
884442d29230ea6f3d3aeb5f54c9ea5b2c4636cbf5cae548617ababb7acef81f
8a289d510695a72077ea66e65b9ba5344e1955e81945e054bf2e83b32fa06466
911d7322ec430f9a174688cb80f7b0991bee829fc973a5fcbef9cad792f216dd
91245a49c5631404006a53d81b21b2e5b2f33277954dd09842fc8c185abd410f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9442d8b66a8a96c7ca5db0c71e0be328021e0a200ca127128dede6908a3403a2
9a08bd12671dcef168d6f8f1d32697d235434a3d08554bb4d7454a848957b9c2
9a2385436a9b66bcca89b0dd4b333ed7c19986487d63c2afaa905cf31f536609
9b9b19ea08f080f4c9a52e2b92c7306cbcbc05bf1ca03b791108288ee11ea617
9d9a1ba2ca5cb27e8fea8b7d91bb8f6695aa8d881cb8f96897108f1e1d0bd090
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a1977d79b6ec896a695c961076c3b8b6a0473dd6a97727530d85f483531afb
a1dfcda7c1e105f6af18139ca564702cc9afc81a32d3f1e05126f9675e11a4dc
a20b9dbbc2e1469a8e5c2d596b45ecc0dfe14747163ef4ce5f9e102a0ba5e6df
a28eeaebf0e9b429d223cbe65ff077848faea2c8f0ebf121f2bbe1dbb78ea361
a4e00320cfc724fde175314d7d9970ced29cc4967ec09288cc6291716e13209c
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a71bf6907c5609a636a7e9ec89409ca5935735060064fd807875425c18b3f636
a8501e897057a0f18eb74544337577c3d1a3971db7de2979ff1ebe5209b52766
aa966d14d5e31f62d152301cc6dee961f94171d2eae54b77216f31b68207d775
ac4a4527958dc5d1b07ffc3821ca3357b6ab42fc78976b8bb88fe6b961a1a003
ad67948a6fdfa2c8bcc875ae86759ea0ef8933d9d01b5faabe1ae83f43f8897f
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
af3bdc601c01a1ffd74cd4bd290dfd14ad458c651e9bd761da7920ab6b31f054
b04238981f892a02cf4ffabed9c53ff9f12937a27377e7e3de67c235c639742f
b50c90286dd30854243d02cec95da76b4810d0818d4f2467e953827d51eadf2f
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
c0afb5bedce5932a6af587273b3b73bbd3b97a8d0de5031e43f563b20d62be42
c14b0ab6e6d967765a557b6eae5b7c0bc3bcbf21c7fd68768421b077a9aaee89
c6ab47f38185bcb01aebdae2c1d5753fb311500885e201b923b0a0ad6aaa31fd
ca1a889fb5333f3d90bb2d9d6f052625036d98e1340ccfc25709bc7ce9f205dd
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cc1d647b3c7b4ba77807b8dbd65f6d334e2a190c420bb787caa0b606097e963f
cccffb735d4d60bde339514eecf6bb0a28ba612bda188efa6a4138de9f6541d7
cfb5826a29c009a1fd08f37647ed2a3ce4b9e563e76bad791ac7ed7961213ce2
cfd4e5dfc349750a4d230ee710464e7937a2f84fd38824548455638d5124a478
d0088c159e550cbd5668e8cf98d399316cc34cea3a8676af0b8bf13ab95a3023
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d261569a3603eb0cedbe836b17914561e7f1b973aa5227220aca849e64ff5f1e
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d98dd2dc353b516b5a144868dedfbc63d4a58ccba93fdc0faeec8845a4f7e8ed
db73dc1a038bef8ce44879575d9bd22b5243619660e909978e0a27e52dd61b81
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddea34ad149fcb4a7db1eab69057062e01d1e652addfa82d3f585693a4a3608c
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e03653211f2b894d28cf67075d7f7b5ff03ace24a1c4337925e93f42b6a1575a
e078c7f2333231376567af00407f22f166a32b0b39c1932de5f151462f26732f
e14fe37164f7c45dec9aa50f605ae8963b2dcc04db4aefdafc028e479b77cfb1
e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f
e2a921d4648d6d46e1c8dca9c27682131cfecc4f07e2dc3532d9ffed5c23a748
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41533d5c6eab361631aa3cf8bf7b8a2e6babfcc42a1aa950b2b0cd80c109b8f
e461892edceefeaf98b0fc86ab18a46118a505644061861c3bed637b02708816
e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435
e769b83d38fa051743799cfbee001112098805cec951d31c3f1b2d175e859af4
e857ba22a8e56722f5ef4cb9b20d4167fd2e8c7c433bd27b13cc9df8bcbd9b90
ea380beb1ddf872c38d8b789c2cc4ab3c3c29eb71d909cd8b580c62c16fe65e7
ea97379b7f7ccb552276b50290d02deb9890894c58c340f7fbc9fbed7465dd80
ecc70ebcb2197460768a0ffeaf8ccc3028317ef6d175a1f15c137550dd221628
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f3d64823bc7c7c67894b24038f3c9befd34194e02dc240abb8710b4b44c50b41
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f70cd986186697dd0a515465805ff547435bfd78b5b97e3bdcb2c62e35221213
f9b295b3d98b6cc6108076490aef4e30d6f18103a7dc6e63bb871756ae2f2695
fb3d534149ec1d783cf5438722198f3c183c545f5bc936544a803f14669bf23b
fb754ad80921caa4ce8fa99ebf84ce88c1f8c9c1f4420a22ae43888e98b57727
fbdd1c83c6f67c665bf7366867aae333588f79a01ea5bf6860ea87fc3759dd43
fd232cb4aeee2f841a6a8882a2f6495662a958463939dabe52cac6a300b1567d
ff2d760b794858017b7290b971b5b8ef731828ad13c2004f2f2923b3fe902f08

www.energyvsclimate.com Open in urlscan Pro 2a04:4e42:600::775 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

204 Requests

99 %HTTPS

66 %IPv6

30 Domains

41 Subdomains

38 IPs

3 Countries

3847 kBTransfer

12122 kBSize

11 Cookies

5 Outgoing links

Page URL History

Redirected requests

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.energyvsclimate.com Open in urlscan Pro
2a04:4e42:600::775 Public Scan

Screenshot
Live screenshot

Full Image

204
Requests

99 %
HTTPS

66 %
IPv6

30
Domains

41
Subdomains

38
IPs

3
Countries

3847 kB
Transfer

12122 kB
Size

11
Cookies

204 HTTP transactions
1 data transactions