connect.clickandpledge.com Open in urlscan Pro
2600:9000:2156:6c00:15:a715:1180:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.email.ceres.org/?qs=36dd8ae70a1e50ee45427a377f107a5cf3c868db3827fcbec3ada064a80e827d43ab908cf2cdbffeda3dc93a124a...
Effective URL:
https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev...
Submission: On October 30 via manual (October 30th 2023, 2:33:57 pm UTC) from US — Scanned from DE

Summary HTTP 236 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 51 IPs in 5 countries across 38 domains to perform 236 HTTP transactions. The main IP is 2600:9000:2156:6c00:15:a715:1180:93a1, located in United States and belongs to AMAZON-02, US. The main domain is connect.clickandpledge.com. The Cisco Umbrella rank of the primary domain is 421476.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 24th 2023. Valid for: a year.

This is the only time connect.clickandpledge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	66.231.91.47 66.231.91.47	14340 (SALESFORCE) (SALESFORCE)
30	2600:9000:215... 2600:9000:2156:6c00:15:a715:1180:93a1	16509 (AMAZON-02) (AMAZON-02)
10	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
4	23.96.109.67 23.96.109.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:225... 2600:9000:2250:d000:1a:e4d5:7700:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:2200:10:82c9:6840:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
7	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
3	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2 5	23.199.216.148 23.199.216.148	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:440... 2606:4700:4400::6812:27b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
9	35.81.31.24 35.81.31.24	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:401... 2a00:1450:4013:c06::5c	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4005:800::2003	15169 (GOOGLE) (GOOGLE)
34	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
3	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2600:9000:223... 2600:9000:223c:6800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	99.86.114.2 99.86.114.2	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
1	54.231.169.32 54.231.169.32	16509 (AMAZON-02) (AMAZON-02)
1	198.137.150.141 198.137.150.141	16509 (AMAZON-02) (AMAZON-02)
10 11	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
3	44.241.50.239 44.241.50.239	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
236	51

1 66.231.91.47 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.virt.exacttarget.com

click.email.ceres.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2600:9000:2156:6c00:15:a715:1180:93a1 (United States)

ASN16509 (AMAZON-02, US)

connect.clickandpledge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.96.109.67 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:d000:1a:e4d5:7700:93a1 (United States)

ASN16509 (AMAZON-02, US)

resources.connect.clickandpledge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:2200:10:82c9:6840:93a1 (United States)

ASN16509 (AMAZON-02, US)

aws.cause.clickandpledge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.199.216.148 (Düsseldorf, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-216-148.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:27b5 (United States)

ASN13335 (CLOUDFLARENET, US)

75fc01f3120645c39e3c70274c82795f.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.81.31.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-31-24.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c06::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4005:800::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:6800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.114.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-114-2.lhr61.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.169.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.137.150.141 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2620:1ec:21::14 (United States) 10 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.241.50.239 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-50-239.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5203 r.stripe.com — Cisco Umbrella Rank: 3546 m.stripe.com — Cisco Umbrella Rank: 1249	766 KB
32	clickandpledge.com connect.clickandpledge.com — Cisco Umbrella Rank: 421476 resources.connect.clickandpledge.com — Cisco Umbrella Rank: 602036 aws.cause.clickandpledge.com — Cisco Umbrella Rank: 892852	535 KB
25	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2685 region1.analytics.google.com — Cisco Umbrella Rank: 3040 play.google.com — Cisco Umbrella Rank: 28	515 KB
20	gstatic.com www.gstatic.com fonts.gstatic.com	852 KB
14	linkedin.com 10 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6003	13 KB
12	paypal.com www.paypal.com — Cisco Umbrella Rank: 2811 t.paypal.com — Cisco Umbrella Rank: 3468	275 KB
9	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 8876	32 KB
7	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2612	41 KB
5	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1767	6 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1136 trc.taboola.com — Cisco Umbrella Rank: 705 trc-events.taboola.com — Cisco Umbrella Rank: 2170	22 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	15 KB
4	doublethedonation.com doublethedonation.com — Cisco Umbrella Rank: 43051	111 KB
3	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 747	849 B
3	t.co t.co — Cisco Umbrella Rank: 607	806 B
3	teads.tv p.teads.tv — Cisco Umbrella Rank: 5634 cm.teads.tv — Cisco Umbrella Rank: 4853 t.teads.tv — Cisco Umbrella Rank: 2845	8 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	125 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 366	14 KB
3	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	23 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	216 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	412 B
2	ubembed.com 75fc01f3120645c39e3c70274c82795f.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 12054	49 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1245 pixel.quantserve.com — Cisco Umbrella Rank: 964	10 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	60 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	203 KB
2	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2638	774 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	48 KB
1	amazonaws.com s3.amazonaws.com	398 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2687	257 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1452	637 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1212	705 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1333	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	4 KB
1	ceres.org 1 redirects click.email.ceres.org www.ceres.org Failed	372 B
0	igodigital.com Failed 10154637.collect.igodigital.com Failed
236	38

	Domain	Requested by
30	connect.clickandpledge.com	connect.clickandpledge.com
26	r.stripe.com	js.stripe.com
15	js.stripe.com	connect.clickandpledge.com js.stripe.com
13	www.gstatic.com	www.google.com www.gstatic.com pay.google.com
12	play.google.com	www.gstatic.com
10	www.paypal.com	connect.clickandpledge.com www.paypal.com www.paypalobjects.com
9	px.ads.linkedin.com	8 redirects snap.licdn.com
9	ssl.kaptcha.com	connect.clickandpledge.com ssl.kaptcha.com
8	q.stripe.com	connect.clickandpledge.com
7	www.paypalobjects.com	connect.clickandpledge.com www.paypal.com www.paypalobjects.com
7	fonts.gstatic.com	fonts.googleapis.com www.google.com connect.clickandpledge.com
7	www.google.com	connect.clickandpledge.com www.gstatic.com www.google.com
5	px.owneriq.net	2 redirects connect.clickandpledge.com px.owneriq.net
4	pay.google.com	js.stripe.com pay.google.com connect.clickandpledge.com www.gstatic.com
4	fonts.googleapis.com	connect.clickandpledge.com
4	doublethedonation.com	connect.clickandpledge.com doublethedonation.com
3	m.stripe.com	m.stripe.network
3	px4.ads.linkedin.com	connect.clickandpledge.com
3	analytics.twitter.com	connect.clickandpledge.com
3	t.co	connect.clickandpledge.com
3	connect.facebook.net	connect.clickandpledge.com connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com connect.clickandpledge.com
3	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	trc-events.taboola.com	cdn.taboola.com
2	www.facebook.com	connect.clickandpledge.com
2	www.linkedin.com	2 redirects
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.google.de	connect.clickandpledge.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	t.paypal.com	connect.clickandpledge.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	connect.clickandpledge.com www.googletagmanager.com
2	cdn.polyfill.io	connect.clickandpledge.com
2	cdn.jsdelivr.net	connect.clickandpledge.com
1	t.teads.tv	connect.clickandpledge.com
1	pixel.quantserve.com	connect.clickandpledge.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	s3.amazonaws.com	ssl.kaptcha.com
1	vc.hotjar.io	script.hotjar.com
1	cm.teads.tv	p.teads.tv
1	trc.taboola.com	cdn.taboola.com
1	assets.ubembed.com	75fc01f3120645c39e3c70274c82795f.js.ubembed.com
1	alb.reddit.com	connect.clickandpledge.com
1	rules.quantcount.com	secure.quantserve.com
1	script.hotjar.com	static.hotjar.com
1	75fc01f3120645c39e3c70274c82795f.js.ubembed.com	www.googletagmanager.com
1	p.teads.tv	www.googletagmanager.com
1	secure.quantserve.com	connect.clickandpledge.com
1	static.hotjar.com	www.googletagmanager.com
1	cdn.taboola.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	aws.cause.clickandpledge.com	connect.clickandpledge.com
1	cdnjs.cloudflare.com	connect.clickandpledge.com
1	resources.connect.clickandpledge.com	connect.clickandpledge.com
1	click.email.ceres.org	1 redirects
0	10154637.collect.igodigital.com Failed	www.googletagmanager.com
0	www.ceres.org Failed	connect.clickandpledge.com
236	59

This site contains links to these domains. Also see Links.

Domain
www.ceres.org

Subject Issuer	Validity	Valid
connect.clickandpledge.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-13`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-13` - `2024-08-20`	10 months	crt.sh
doublethedonation.com R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh
resources.connect.clickandpledge.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
polyfill.io Certainly Intermediate R1	`2023-10-23` - `2023-11-22`	a month	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-07-31` - `2023-11-30`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
aws.cause.clickandpledge.com Amazon RSA 2048 M01	`2023-03-23` - `2024-04-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2023-09-14` - `2024-09-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-08` - `2023-11-06`	3 months	crt.sh
teads.tv R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.js.ubembed.com E1	`2023-10-19` - `2024-01-17`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
ssl.kaptcha.com Sectigo RSA Organization Validation Secure Server CA	`2023-08-16` - `2024-08-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-06-02` - `2023-12-02`	6 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Frame ID: 357DE7AEB8BD2718DEF0B53434189E12
Requests: 119 HTTP requests in this frame

Frame: https://connect.clickandpledge.com/logo.aspx?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
Frame ID: 2925E853B6DA6E34535BD022C38C8259
Requests: 4 HTTP requests in this frame

Frame: https://connect.clickandpledge.com/w/parentpage.aspx?id=95bf5259-2fa7-4349-828b-8e506347ba92
Frame ID: 34012D920C9D96F0FBB413F1009EA46E
Requests: 2 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?sdkVersion=5.0.406&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVh5cEZwWnVHLUltZGJSSFN1OHZ6clBmSmVmem44aGJzN2FiMTIwNmg3UUhQdXJDcUJGc2tJNUZyd3B4RkRjRmd3Q1lvT2NEN3pGVGVzT0wmaW50ZW50PWNhcHR1cmUmY3VycmVuY3k9VVNEJmRlYnVnPWZhbHNlJmVuYWJsZS1mdW5kaW5nPXZlbm1vJmRpc2FibGUtZnVuZGluZz1wYXlsYXRlcixjcmVkaXQsY2FyZCZtZXJjaGFudC1pZD1MQVo3U1ZCWk5XOTk0IiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiQ2xpY2thbmRwbGVkZ2VfQ2FydCIsImRhdGEtdWlkIjoidWlkX2x1Z21leWt0em52ZHBpZXd1dHBwZmRoYmh3eWZ2cSJ9fQ&clientID=AXypFpZuG-ImdbRHSu8vzrPfJefzn8hbs7ab1206h7QHPurCqBFskI5FrwpxFDcFgwCYoOcD7zFTesOL&sdkCorrelationID=f556723677c1f&storageID=uid_ecb1f0dbaf_mtq6mzm6ndg&sessionID=uid_e0ee4189e3_mtq6mzm6ndg&buttonSessionID=uid_ae1d2beb30_mtq6mzm6ndg&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=paylater&disableFunding.1=credit&disableFunding.2=card&merchantID.0=LAZ7SVBZNW994&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
Frame ID: F88FC4BD0E3A1BFED527C0178673E1C8
Requests: 8 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 618CE4AC1618610067D1968B5FA38BB8
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: D42C017379EFCBFF1020B5EA173F5D32
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-590d20884f008a0f180315cd2bd36918.html
Frame ID: F77D53F2B16446A423C5F27EB6D23031
Requests: 33 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-056ff14ca6b9a1056afc720594b10fa0.html
Frame ID: 7B148FAC35ECE8F8F6FC2DF0FF98F4F8
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-35aa40092c2dacf46311a4316fd7a049.html
Frame ID: DF02530ABC2D1696E3D39E31A626DA51
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeqPaAUAAAAAChImeD6KE6vSwHUtHOZeit8eVeA&co=aHR0cHM6Ly9jb25uZWN0LmNsaWNrYW5kcGxlZGdlLmNvbTo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=4lply8rrlllx
Frame ID: CF7E5AB63B53CD208E82899E01D4692D
Requests: 7 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 52C5532C05F7135B020E16C18A46BA8D
Requests: 3 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=text%2Fhtml
Frame ID: 71742B5F6180EAE42F397A2288F66C38
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B10044670ED08DE2FE642C8B5766D849
Requests: 8 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
Frame ID: F37C4A70D78800A6F67F75216BB4F1C1
Requests: 7 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: B563FEDA4C851976C21FDD76EAE00737
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6LeqPaAUAAAAAChImeD6KE6vSwHUtHOZeit8eVeA
Frame ID: FF269D0F3394778F20016E66D20DB3E6
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate

Page URL History Show full URLs

http://click.email.ceres.org/?qs=36dd8ae70a1e50ee45427a377f107a5cf3c868db3827fcbec3ada064a80e827d43ab908c... HTTP 302
https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=em... Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

236
Requests

93 %
HTTPS

51 %
IPv6

38
Domains

59
Subdomains

51
IPs

5
Countries

3780 kB
Transfer

12037 kB
Size

42
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ceres.org/get-involved#daf
Title: Donor Advised Fund.

Search URL Search Domain Scan URL

URL: https://www.ceres.org/get-involved?utm_medium=email&utm_source=eofy_e5&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&utm_source=eofy_e5
Title: Learn more

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.email.ceres.org/?qs=36dd8ae70a1e50ee45427a377f107a5cf3c868db3827fcbec3ada064a80e827d43ab908cf2cdbffeda3dc93a124aa741c9ffef01056f4901 HTTP 302
https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124

https://px.owneriq.net/eps?pt=9xfyyu&pid=8363&uid=Q7519628312096628101J&l=true HTTP 302
https://px.owneriq.net/noop?ct=text%2Fhtml

Request Chain 125

https://px.owneriq.net/j/?ref=https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM&pt=9xfyyu&t=f%7C%22Donate%22&s=3exn HTTP 302
https://px.owneriq.net/noop?ct=application%2Fx-javascript

Request Chain 159

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431673&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431673&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D370060%252C5474844%252C88884%252C4575604%252C4019185%26time%3D1698676431673%26url%3Dhttps%253A%252F%252Fconnect.clickandpledge.com%252Fw%252FForm%252F4f32b630-f556-487b-97e7-0c1a8f726287%253Futm_source%253Deofy_e5%2526utm_medium%253Demail%2526utm_campaign%253Ddev_eofy_appeal_ecomm%2526utm_term%253Dmarketingcloud%2526trk%253DO_E_2310_A_05_ECOMM%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431673&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431673&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKF3HgszAkZ3gAAAYuBAV3TT6hCdjfE4Ls09Z1ohpPew6caX1jqGRz6-cgqruPu8UZ8eeNlM26E

Request Chain 160

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431674&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431674&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D370060%252C5474844%252C88884%252C4575604%252C4019185%26time%3D1698676431674%26url%3Dhttps%253A%252F%252Fconnect.clickandpledge.com%252Fw%252FForm%252F4f32b630-f556-487b-97e7-0c1a8f726287%253Futm_source%253Deofy_e5%2526utm_medium%253Demail%2526utm_campaign%253Ddev_eofy_appeal_ecomm%2526utm_term%253Dmarketingcloud%2526trk%253DO_E_2310_A_05_ECOMM%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431674&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431674&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLotbIcUzM-ewAAAYuBAV2gGNwYduxMA8zJwGQVgrihMNQ23ZBTOQkw464k4ohaiK80RiKscEEW

Request Chain 161

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431675&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431675&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2&cookiesTest=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431675&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2&cookiesTest=true&e_ipv6=AQIGXUAnmDilEgAAAYuBAV0794RCcq7wnXXPvxkg3myPk6ZTuA-8Or_WBRYhO-KSuPr3lxkbwcqN

236 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 4f32b630-f556-487b-97e7-0c1a8f726287 Show response
connect.clickandpledge.com/w/Form/
Redirect Chain

http://click.email.ceres.org/?qs=36dd8ae70a1e50ee45427a377f107a5cf3c868db3827fcbec3ada064a80e827d43ab908cf2cdbffeda3dc93a124aa741c9ffef01056f4901
https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM

339 KB
83 KB

994ms
890ms

Document
text/html

2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

eff6a686d4adddbb583298dda457c5104111872ba9102a09f9d401fc6bcd6101

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, no-cache="Set-Cookie", max-age=1
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 14:33:47 GMT
expires: Mon, 30 Oct 2023 14:33:48 GMT
last-modified: Mon, 30 Oct 2023 14:33:47 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-id: wq6rSgK105B1jBfOoISpiW14397QTis2dM4pWfsDiQJSY8S108JK6Q==
x-amz-cf-pop: FRA50-C1
x-aspnet-version: 4.0.30319
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-robots-ta: noindex, nofollow

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 330
Content-Type: text/html; charset=utf-8
Date: Mon, 30 Oct 2023 14:33:45 GMT
Location: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM

GET
H2 200 js Show response
www.paypal.com/sdk/ 273 KB
77 KB 732ms
664ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AXypFpZuG-ImdbRHSu8vzrPfJefzn8hbs7ab1206h7QHPurCqBFskI5FrwpxFDcFgwCYoOcD7zFTesOL&intent=capture&currency=USD&debug=false&enable-funding=venmo&disable-funding=paylater,credit,card&merchant-id=LAZ7SVBZNW994

Requested by

Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

85483e1cac61eec394690fed1bfe34107d8012e5cfa5f350960e255ad5ad6638

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-CafUwL3NaQTdJklhlbEIYwJgS+Nia9YOlIekiqUw26PujD9u' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-CafUwL3NaQTdJklhlbEIYwJgS+Nia9YOlIekiqUw26PujD9u' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-CafUwL3NaQTdJklhlbEIYwJgS+Nia9YOlIekiqUw26PujD9u' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-CafUwL3NaQTdJklhlbEIYwJgS+Nia9YOlIekiqUw26PujD9u' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Mon, 30 Oct 2023 14:33:48 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f220299c865df
server-timing: "traceparent;desc="00-0000000000000000000f220299c865df-4feabd5a0ddcf878-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 76672
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230134-FRA, cache-fra-eddf8230134-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f220299c865df-612af44cfc03b296-01
x-timer: S1698676428.826304,VS0,VE642
etag: W/"12b80-4xxEosKDXeBG5TDfg/elxQf8ao8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 wait.css
connect.clickandpledge.com/styles/ 4 KB
1 KB 303ms
296ms Stylesheet
text/css 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/styles/wait.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c649f0f7199356e62f0e8ffdfd6904b6b429d20ecfd291a2a3943c71b1d8f20b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 25 Feb 2020 00:19:11 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "8e88453471ebd51:0"
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: ksWet2h4d7Q04aSGMzGo9x3Iob4OYwEYROqgTPWHVAmUUyE2aR-0Sg==

GET
H2 200 jquery-3.5.1.min.js Show response
connect.clickandpledge.com/w/scripts/ 87 KB
36 KB 299ms
292ms Script
application/javascript 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/scripts/jquery-3.5.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Sep 2022 14:20:09 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "d0278c15b3d1d81:0"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: h38iE89HTl6hB_Ju-sJTHG2YSnUFE6AUFbc_9-O7e2C1ruYcZS7jnw==

GET
H2 200 jquery-ui.min.js Show response
connect.clickandpledge.com/w/scripts/ 249 KB
84 KB 308ms
300ms Script
application/javascript 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/scripts/jquery-ui.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ad219051333f02ffcdd1347cfd75101df90a5f537498471fba882621ef89fe94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 Apr 2023 14:47:35 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "9ab3d2e2166ed91:0"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: X7qLD5cD43NVWVD364vI77susVjRuLhPtKzfJjLsT9PJ-E_uqa2Q1A==

GET
H2 200 parsley.min.js Show response
connect.clickandpledge.com/w/scripts/ 18 KB
6 KB 325ms
317ms Script
application/javascript 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/scripts/parsley.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e59cf093730c741f7da8424d36687165c682c3fc31df3ff87205fa9917eea7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Sep 2022 14:20:09 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "44cb9115b3d1d81:0"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: KGbsVQ99kBAkZJuYpCs8bj1pzW4zwKg8qo1XEG5TjTB_UAfYrczJFg==

GET
H2 200 jquery-ui.min.css
connect.clickandpledge.com/w/Styles/ 30 KB
9 KB 302ms
295ms Stylesheet
text/css 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Styles/jquery-ui.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

5a6958cfaa81edb55b12d448db9b5eb4c1f009d8a31c9d9b81e44e7e0519610d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 Apr 2023 14:47:35 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "20f3f1e2166ed91:0"
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: HXnGaVJ_JS_LBRz7CA9VgRVFDK4PW4lkVKJINSkbr_WbR3cRZgDoow==

GET
H2 200 jquery-blockUI.min.js Show response
connect.clickandpledge.com/w/Scripts/ 9 KB
4 KB 312ms
305ms Script
application/javascript 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Scripts/jquery-blockUI.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

576cc04efa532a5efe8c9635b94384eaf648b1153b086d29a225575f93e2610a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Sep 2022 14:20:09 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "13fc8d15b3d1d81:0"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: RjkR8SgdcA9g49t-uLbM4SmNiQHh_-7HRJZxNvhPeGhq_uZpeak40Q==

GET
H2 200 jquery.tmpl.min.js Show response
connect.clickandpledge.com/w/Scripts/Formbuilder/ 6 KB
3 KB 324ms
317ms Script
application/javascript 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Scripts/Formbuilder/jquery.tmpl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ccabadeda98e3785681e98834726e2ad11a2db892882c1279e1bce8456a341e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Sep 2022 14:20:09 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "b2188215b3d1d81:0"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: tLNT0P78UKYs5xBJzIHGDXhuyoDj5kONGS2RIe5B2wsP-_00FK3isg==

GET
H2 200 jquery.datalink.min.js Show response
connect.clickandpledge.com/w/Scripts/Formbuilder/ 3 KB
2 KB 310ms
303ms Script
application/javascript 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Scripts/Formbuilder/jquery.datalink.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b36f75ebec30f5ffe6efb4aef76ba89f16296ba437de7b0411932bfa9e467b58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Sep 2022 14:20:09 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "661d8015b3d1d81:0"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: QgcmiNa_u8sPWafXmRGQgJ8ztWyt3oRuor1SrQ4lNsaQWVgp1o8rcw==

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ 450 KB
96 KB 495ms
237ms Script
text/javascript 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 72bdb7a0a1ba8e3caa903a3b33ed493c29b87042f2c11c231f932afa7c1c75aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:48 GMT
content-encoding: br
last-modified: Thu, 26 Oct 2023 17:25:58 GMT
server: nginx
etag: "653aa126-17dbc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600;
access-control-allow-credentials: true
content-length: 97724

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ 141 KB
13 KB 493ms
235ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: cbc662e7bf1e9a540da6d3afeacd89c3273fc1d28682b5651700e9ecb5fee0db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:48 GMT
content-encoding: br
last-modified: Thu, 26 Oct 2023 17:26:00 GMT
server: nginx
etag: "653aa128-336b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600;
access-control-allow-credentials: true
content-length: 13163

GET
H2 200 paymenttype_fb.js Show response
connect.clickandpledge.com/w/Scripts/Formbuilder/ 145 KB
30 KB 315ms
308ms Script
application/javascript 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Scripts/Formbuilder/paymenttype_fb.js?vs=20231002.004.007.019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b596e05a015a12889c01ce217e1548d49ded909cae9f0a5b90a4c7273c223f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 06 Sep 2023 15:40:29 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "a930ef76d8e0d91:0"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: sstXL0OK7lAZqYwjlovLRfL5V0UHzFRoJAvFD0CUhGsMA9hIn6FGtw==

GET
H2 200 paymentbinding_fb.js Show response
connect.clickandpledge.com/w/Scripts/Formbuilder/ 9 KB
3 KB 322ms
316ms Script
application/javascript 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Scripts/Formbuilder/paymentbinding_fb.js?vs=20231002.004.007.019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3a840bd31d43c6edaffa7e1e641c3b497d60a3836a97cf4604d753bc0fe53e53

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 May 2023 13:54:25 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "ecdd599b481d91:0"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: O3QR_J9fBh28QbKzg7E_bFmXnu3unTpySiN_64u2nKvsPNKiA7ENoA==

GET
H2 200 processpayment1_fb.js Show response
connect.clickandpledge.com/w/Scripts/Formbuilder/ 92 KB
21 KB 315ms
309ms Script
application/javascript 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Scripts/Formbuilder/processpayment1_fb.js?vs=20231002.004.007.019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9fe03963e20b711c4b3a1ff6b9a0bd2a4a26bb91cb5afd6e7948ac18cb5101ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 29 Sep 2023 15:10:10 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "634231ae7f2d91:0"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: LWaGhaEqSyRC5ZqsHKDM6cuo8VlBp0bFF_qjM6bSVh2ZcfqZX5g24g==

GET
H2 200 getInfo_fb.js Show response
connect.clickandpledge.com/w/Scripts/Formbuilder/ 20 KB
4 KB 320ms
314ms Script
application/javascript 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Scripts/Formbuilder/getInfo_fb.js?vs=20231002.004.007.019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6d633e63df4b42f21aea037b3a1eb0f790b00da65119cfa92afbedc56772077d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Jan 2023 13:52:57 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "88b7654d21d91:0"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: BNhjdbWgPyiAbKgOuG1wgCHsdF-o0BE-T4cx2SivYLDFJFRb1Yvg8Q==

GET
H2 200 payment_fb.js Show response
connect.clickandpledge.com/w/Scripts/Formbuilder/ 4 KB
2 KB 318ms
313ms Script
application/javascript 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Scripts/Formbuilder/payment_fb.js?vs=20231002.004.007.019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

85e6d828dece4726ffd58be2dc35290dd522540ed5d7feb8d70d64c3aee13058

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Jun 2023 14:15:46 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "488888b338a8d91:0"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: gymVHkmvmA2k7G1kNcD4-67a4IO2o34fX3JFuos8JnvZA-243kNfBQ==

GET
H2 200 Custombuilder.js Show response
connect.clickandpledge.com/w/Formbuilder/js/ 101 KB
20 KB 319ms
314ms Script
application/javascript 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Formbuilder/js/Custombuilder.js?vs=20231002.004.007.019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

850ab8793e9fa7544f41a74aa089f2a51f1966a8e737cbd851c1b61896b7371a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Sep 2023 15:57:44 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "9bb210aa4e1d91:0"
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: NiCZy1VHtrFNDoxCEJEHx90xHMVZ0FAMGiLKpiyxzhPtlITRtp32iQ==

GET
H2 200 iframeResizer.contentWindow.min.js Show response
resources.connect.clickandpledge.com/Library/ 14 KB
5 KB 555ms
415ms Script
application/javascript 2600:9000:2250:d000:1a:e4d5:7700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.connect.clickandpledge.com/Library/iframeResizer.contentWindow.min.js
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d000:1a:e4d5:7700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e291e22c061178bfae4f5c46bbdbbc01f83d8e4695d2faddbbf0ddd1ac7d024f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:49 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2017 10:45:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"132819fe0a42dc0bbcca15633408a8f6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: JLBu4uEJ091d0MigNMqR06vNiTPjS2OPbYDO_1wAtBo7wzMBr65K8w==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 79ms
30ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f19c0a1483810e10f60f6db0a7cfbe846db99f93be0bc51af190ff2208bfb4d3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 30 Oct 2023 14:33:48 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ 158 KB
25 KB 91ms
41ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.clickandpledge.com/
Origin: https://connect.clickandpledge.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16184666
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230111-FRA, cache-yyz4545-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQv4AgKe5rc0Vn0x5qFuRaEpPcndm7dhNH0gJqH%2FCJXmP8kIn%2FjXxs0hv2ySUJGenTHWzNXSSC%2F5K1JqLiRMJMoSmhLNoTpacF65N2Q4dGbg6M2wA213ajRhTrAa2SGtOkKR6eFJCFdsoYnbD14%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 81e46019cf58360b-FRA

GET
H2 200 css
fonts.googleapis.com/ 206 KB
12 KB 108ms
52ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f7834c19a80aa23f89465c34a1bbb5bb58a9742368b3a72bb37f1c49d607c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 14:33:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Oct 2023 14:33:47 GMT

GET
H2 200 jquery-ui.min.css
connect.clickandpledge.com/w/Formbuilder/addons/jqueryui/ 30 KB
9 KB 290ms
285ms Stylesheet
text/css 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Formbuilder/addons/jqueryui/jquery-ui.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

5a6958cfaa81edb55b12d448db9b5eb4c1f009d8a31c9d9b81e44e7e0519610d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 Apr 2023 14:47:35 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "541eaee2166ed91:0"
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: x-NzBEq5EX7_ggDmKOFrUdrTZSG1ouFUVSYY4xFfxOgB65I96DCodg==

GET
H2 200 css
fonts.googleapis.com/ 3 KB
738 B 95ms
39ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 13:29:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Oct 2023 14:33:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 86ms
30ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 13:06:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Oct 2023 14:33:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
603 B 87ms
31ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ad61e6094e5bdc2688ddf01cf03dcd97dc1a7ff7e26bda92c99d7d6e3184c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 13:59:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Oct 2023 14:33:47 GMT

GET
H2 200 fontello.css
connect.clickandpledge.com/w/Formbuilder/fonts/fontello/css/ 26 KB
6 KB 301ms
296ms Stylesheet
text/css 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Formbuilder/fonts/fontello/css/fontello.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

8be74e0f54558291e54d87610df2b2b927cc4b7405e5b7ce206e54d895665a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Sep 2022 14:20:00 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "9788e3fb3d1d81:0"
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: Prbq3bEzJRiShfxqN1-S7moQjExq5u9uMTUZbnSlofOZbkUSo_ijZg==

GET
H2 200 mp.css
connect.clickandpledge.com/w/Formbuilder/css/ 17 KB
3 KB 303ms
299ms Stylesheet
text/css 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Formbuilder/css/mp.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

945362fcd92351e9a01c0eab8d8297fcf5b7ec9d6d145901dc14b0fe2cb668c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Sep 2022 14:20:00 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "288d2fb3d1d81:0"
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: qebAU_3Cp4lLV9Nb03SHn1WoLgsZZqNi6xLCfBIbx8Fm1Ntax_iANw==

GET
H2 200 toastr.css
connect.clickandpledge.com/w/Formbuilder/addons/toastr-master/ 7 KB
3 KB 294ms
289ms Stylesheet
text/css 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Formbuilder/addons/toastr-master/toastr.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ec85a5d9c45f5f156bf227e3918f73544273818caca518665ce78da5053e9589

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Sep 2022 14:20:00 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "43fc7fb3d1d81:0"
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: pRwqPAYU8EzpMNFF5i_sH19BdubEyQ0b1Hxv5RUX1gAhDnlQ5MufrQ==

GET
H2 200 Customformbuilder.css
connect.clickandpledge.com/w/Formbuilder/css/ 48 KB
10 KB 305ms
301ms Stylesheet
text/css 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Formbuilder/css/Customformbuilder.css?vs=638342588270738448

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4fd0fb43fd39e33c77fc288e5205465f4f346eef58372124a8dab2107a4a8827

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Jun 2023 14:15:46 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "7c2f7cb338a8d91:0"
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: lS_Ziig3_uJP0xTz8Ayd9n2ov7xyQpHBaXktSbZ6DxvFlltMBZKS1w==

GET
H2 200 froala_style.min.css
connect.clickandpledge.com/w/froalaeditor/css/ 7 KB
2 KB 297ms
293ms Stylesheet
text/css 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/froalaeditor/css/froala_style.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

54c840891d9c7f00a37a56da489a41e23c6a9dcd5f21e981a87ac5530068eac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Sep 2022 14:20:00 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "61253a10b3d1d81:0"
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
x-amz-cf-id: xzP7K_rnMkdtm2JG9AxS6s8pN214S95Fp9EZG4iqtZKXxqw4zeI3GA==

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 82 KB
23 KB 81ms
33ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.clickandpledge.com/
Origin: https://connect.clickandpledge.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21621606
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230133-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFSG7cAta6DcPqGGTxdgYu166k2II3vxxgNKuB8u44wWaChyILilCPSGlIT8aMmJRxJ%2BdyEAc%2FWJrEIfcMeNbOsLeJXtRNcgqNcItbloUgo%2Bt7EWmS0SxdLxFJkprlUMw8yRq0YcdWd9BgQdusE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 81e46019cf5f360b-FRA

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 100 B
563 B 93ms
21ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 14:33:47 GMT
age: 1484039
detected-user-agent: Chrome/118.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
normalized-user-agent: chrome/118.0.0
content-type: text/javascript; charset=UTF-8
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.12/ 10 KB
4 KB 87ms
36ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.12/clipboard.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 19068044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2933
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-2780"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M08cQ35QbXGcaRTG%2FpqO9ZDv4UCbEdBjDabG3%2FxCtHOI1PJo7WbQ51D%2FROdQQx6DTitfv1R24zIQOuMgsmFeyE7R8xqPHm2MKS0oEiTuyxSlzdQimT1j1JDEGlG35Mj4eIHmxSku7oKqj%2B18%2BtPaAM9k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81e46019dad09b33-FRA
expires: Sat, 19 Oct 2024 14:33:47 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 549 KB
153 KB 82ms
20ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

374243656715702cf74062718db2bc3a8c7be3622a431495263ec7a3897f436e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 14:33:47 GMT
via: 1.1 varnish
age: 1
x-cache: HIT
content-length: 155885
x-request-id: b8219c34-f740-45d5-96e4-515ee6a1f95c
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Fri, 27 Oct 2023 20:43:47 GMT
server: Fastly
etag: "3f620b044aa09dad063084d43bc4a8d0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 360 KB
107 KB 114ms
61ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K7574ND

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

366bd09e1cb208e52d7ac815a01bb91043368f6dab44dc5268a801dc791ab1a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109423
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Oct 2023 14:33:48 GMT

GET
H2 200 638245831409331465_Ceres_C&P_header_-_NonProfit_logos.png
aws.cause.clickandpledge.com/accounts/50746/connect/images/ 93 KB
93 KB 141ms
25ms Image
image/png 2600:9000:2250:2200:10:82c9:6840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aws.cause.clickandpledge.com/accounts/50746/connect/images/638245831409331465_Ceres_C&P_header_-_NonProfit_logos.png
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2200:10:82c9:6840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 617d0fd7f02c69b9d93c92125c2d92be1b1e7e4ecfd867addb9ebbf77d50dd90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 13:50:38 GMT
x-amz-version-id: 2O_Eh_eWT5nlX_o4x4_cPqxf41eSi6Sl
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
last-modified: Mon, 10 Jul 2023 14:52:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 2591
etag: "5b8ed91faa00093f6986ad9222a5d756"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 95115
x-amz-cf-id: EdN5YqajeK0emC_R-WWqSsNV3E_uIhXXFGZxm8P7Qzje750HC_x65g==

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
6 KB 28ms
27ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=connect.clickandpledge.com&t=xo&v=5.0.406&source=payments_sdk&mrid=LAZ7SVBZNW994&client_id=AXypFpZuG-ImdbRHSu8vzrPfJefzn8hbs7ab1206h7QHPurCqBFskI5FrwpxFDcFgwCYoOcD7zFTesOL&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXypFpZuG-ImdbRHSu8vzrPfJefzn8hbs7ab1206h7QHPurCqBFskI5FrwpxFDcFgwCYoOcD7zFTesOL&intent=capture&currency=USD&debug=false&enable-funding=venmo&disable-funding=paylater,credit,card&merchant-id=LAZ7SVBZNW994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

18fedea2490ca736c8b824fea778c8d6a9af539e6791b59ec389fd1b511f9bd1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-6sUr1cy7FPWGPRYYnzVckF1DYGUN2W7shvoHuQXBregoqRoE' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-6sUr1cy7FPWGPRYYnzVckF1DYGUN2W7shvoHuQXBregoqRoE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 14:33:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 609
x-cache: HIT, MISS
paypal-debug-id: f2229253812dc
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4783
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230134-FRA, cache-fra-eddf8230134-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f2229253812dc-0464fc0b10407725-01
x-timer: S1698676429.681744,VS0,VE5
etag: W/"3685-wQKVRghE/VJVsTxLFS0n6QY1UCE"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 fontello.css
doublethedonation.com/api/fontello/css/ 6 KB
2 KB 118ms
118ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/fontello/css/fontello.css
Requested by: Host: doublethedonation.com
URL: https://doublethedonation.com/api/css/ddplugin.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 80c9827e15777b93d54c692ec57e8d59cf6080df4a4c76a014a60aa0812bbbc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublethedonation.com/api/css/ddplugin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:48 GMT
content-encoding: br
last-modified: Thu, 26 Oct 2023 17:18:48 GMT
server: nginx
etag: W/"653a9f78-18f3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600;
access-control-allow-credentials: true

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ 464 KB
186 KB 76ms
22ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://connect.clickandpledge.com/
Origin: https://connect.clickandpledge.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 12:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190277
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Oct 2024 12:46:22 GMT

GET
H2 200 polyfill.min.js
cdn.polyfill.io/v2/ 100 B
211 B 21ms
20ms Other
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 14:33:48 GMT
age: 1484040
detected-user-agent: Chrome/118.0.0
server-timing: HIT, fastly;desc="Edge time";dur=0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
normalized-user-agent: chrome/118.0.0
content-type: text/javascript; charset=UTF-8
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo.aspx Show response
connect.clickandpledge.com/ Frame 2925 785 B
1 KB 117ms
117ms Document
text/html 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/logo.aspx?m=140200&s=5fbe32dfcea848aca155f903bf6513b9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c7660c5be4a423d96404315767fc0ba7ad97ec619ba4754397db885927496e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private
content-length: 785
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 14:33:48 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-id: IT2QTBdQGSYiNumzaXyUipV0ZxLeKph3_PxnVHk15W9lnPVHoNZR8g==
x-amz-cf-pop: FRA50-C1
x-aspnet-version: 4.0.30319
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-robots-ta: noindex, nofollow

GET
H2 200 parentpage.aspx Show response
connect.clickandpledge.com/w/ Frame 3401 606 B
1013 B 883ms
883ms Document
text/html 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/parentpage.aspx?id=95bf5259-2fa7-4349-828b-8e506347ba92

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

512f9089a3cf94860f865fa34d84792a1b40c277abd845996b562afc8dab29a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private
content-length: 606
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 14:33:48 GMT
server: Microsoft-IIS/10.0
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-id: QIwB9XAqv78vryZUg5H6cq47B3RQ-QrEafJuJB07M9pvuFnFO9Vv8Q==
x-amz-cf-pop: FRA50-C1
x-aspnet-version: 4.0.30319
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-robots-ta: noindex, nofollow

GET Tofino-book.ttf
www.ceres.org/themes/ceres/assets/fonts/Tofino-book/ 0
0

GET
H2 200 cnp_sprite.png
connect.clickandpledge.com/w/Img/ 26 KB
26 KB 115ms
115ms Image
image/png 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.clickandpledge.com/w/Img/cnp_sprite.png

Requested by

Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Formbuilder/css/Customformbuilder.css?vs=638342588270738448

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

647f24577f86180e49d8dd74e70fc11956ee591ca77e03afb5abc359a14e2f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/Formbuilder/css/Customformbuilder.css?vs=638342588270738448
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:48 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Mon, 26 Sep 2022 14:20:01 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA50-C1
etag: "54a4d310b3d1d81:0"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
content-length: 26641
x-amz-cf-id: 6qsgXUl_hrR35k2v8AJ1xxbp1d9yHni5-fR_R5qJ8HWYQbOgeKIJEg==

GET Tofino-bold.ttf
www.ceres.org/themes/ceres/assets/fonts/Tofino-bold/ 0
0

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
18 KB 106ms
51ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.clickandpledge.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:17:36 GMT
x-content-type-options: nosniff
age: 332172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:17:36 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 75ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.clickandpledge.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 332249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:16:19 GMT

GET
H2 200 fontello.woff
connect.clickandpledge.com/w/Formbuilder/fonts/fontello/font/ 63 KB
63 KB 119ms
119ms Font
font/x-woff 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Formbuilder/fonts/fontello/font/fontello.woff?52704225

Requested by

Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Formbuilder/fonts/fontello/css/fontello.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

17187348a997ef2a48d285c58d81cd4474df4f92ab278a6bb7cbd163caded710

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.clickandpledge.com/w/Formbuilder/fonts/fontello/css/fontello.css
Origin: https://connect.clickandpledge.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:48 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Mon, 26 Sep 2022 14:20:00 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA50-C1
etag: "2158e7fb3d1d81:0"
x-cache: Miss from cloudfront
content-type: font/x-woff
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
accept-ranges: bytes
content-length: 64372
x-amz-cf-id: Rs-cTfkq45BWAWZozDRvOEIyphEOe5_US970oxwX63zXoOby84GO8A==

GET Tofino-regular.ttf
www.ceres.org/themes/ceres/assets/fonts/Tofino-regular/ 0
0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c84e1ed197438fffecc2c6fbe3e7e4fd8f060af2236f3a50e2e16c891c82cf16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame F88F 421 KB
111 KB 488ms
488ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?sdkVersion=5.0.406&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVh5cEZwWnVHLUltZGJSSFN1OHZ6clBmSmVmem44aGJzN2FiMTIwNmg3UUhQdXJDcUJGc2tJNUZyd3B4RkRjRmd3Q1lvT2NEN3pGVGVzT0wmaW50ZW50PWNhcHR1cmUmY3VycmVuY3k9VVNEJmRlYnVnPWZhbHNlJmVuYWJsZS1mdW5kaW5nPXZlbm1vJmRpc2FibGUtZnVuZGluZz1wYXlsYXRlcixjcmVkaXQsY2FyZCZtZXJjaGFudC1pZD1MQVo3U1ZCWk5XOTk0IiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiQ2xpY2thbmRwbGVkZ2VfQ2FydCIsImRhdGEtdWlkIjoidWlkX2x1Z21leWt0em52ZHBpZXd1dHBwZmRoYmh3eWZ2cSJ9fQ&clientID=AXypFpZuG-ImdbRHSu8vzrPfJefzn8hbs7ab1206h7QHPurCqBFskI5FrwpxFDcFgwCYoOcD7zFTesOL&sdkCorrelationID=f556723677c1f&storageID=uid_ecb1f0dbaf_mtq6mzm6ndg&sessionID=uid_e0ee4189e3_mtq6mzm6ndg&buttonSessionID=uid_ae1d2beb30_mtq6mzm6ndg&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=paylater&disableFunding.1=credit&disableFunding.2=card&merchantID.0=LAZ7SVBZNW994&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f0b21fee5fd59d04527449a052ae42519985dfdf6d456ddb2785d806aed7b29

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.clickandpledge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 14:33:49 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"69513-1N+2sc6PCRnW+BleCFJJvjneGtg"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f8031729cd07e
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f8031729cd07e-b0f0076e06cecaa9-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f8031729cd07e-e401ec2a12f21508-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-eddf8230134-FRA, cache-fra-eddf8230134-FRA
x-timer: S1698676429.898913,VS0,VE464
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 618C 3 KB
1 KB 116ms
26ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC8) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1867a673a7a0f
dc: ccg11-origin-www-1.paypal.com
content-length: 1217
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CC8)
traceparent: 00-00000000000000000001867a673a7a0f-f3dfb61d7baab926-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 30 Oct 2023 15:33:48 GMT

GET
H2 200 sepa-default.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 618C 9 KB
3 KB 114ms
25ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/sepa-default.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCC) /

Resource Hash

e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: ccadaf6ad818a
dc: ccg11-origin-www-1.paypal.com
content-length: 3268
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CCC)
traceparent: 00-0000000000000000000ccadaf6ad818a-2ed6971948ed8d3f-01
etag: W/"642c9aab-2204"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 30 Oct 2023 15:33:48 GMT

GET
H2 200 giropay-default.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 618C 4 KB
2 KB 113ms
24ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/giropay-default.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC5) /

Resource Hash

07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: f122f43d44cf0
dc: ccg11-origin-www-1.paypal.com
content-length: 1577
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CC5)
traceparent: 00-0000000000000000000f122f43d44cf0-6736339704aca154-01
etag: W/"642c9aab-ed4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 30 Oct 2023 15:33:48 GMT

GET
H2 200 sofort-default.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 618C 2 KB
1 KB 115ms
26ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/sofort-default.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CDC) /

Resource Hash

aa36dc4164bef3a7b5007ecad5fed164b0c85feb478890782c6cb59bc56d6afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: c62586d7b48aa
dc: ccg11-origin-www-1.paypal.com
content-length: 1109
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CDC)
traceparent: 00-0000000000000000000c62586d7b48aa-fe6bf4094a1d06f5-01
etag: W/"642c9aab-9d6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 30 Oct 2023 15:33:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
96 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q6HNM6861G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7574ND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d7be3025e4978c17296cfd982938b896df143d9d9ca30c4f26ea71015ef2040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97984
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Oct 2023 14:33:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 81ms
24ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7574ND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 13:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2646
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 30 Oct 2023 15:49:42 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 98ms
23ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7574ND
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:48 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230061-FRA

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 190ms
21ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7574ND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:49 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1412570/ 64 KB
20 KB 193ms
137ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1412570/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7574ND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a031a49de0583c96d16a49262ab654bc1bb980b5c8fa7f861b15b480d2824832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: 5MnUjflRy7iAYuHHgJO3_i.Yj7090L3p
content-encoding: gzip
via: 1.1 varnish
date: Mon, 30 Oct 2023 14:33:49 GMT
x-amz-request-id: P4BEM571CRYGFYBZ
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 19983
x-amz-id-2: zBUslScFWSEYy1TgQszMgUJkfqKzTTBTmJ4wogihny7GKHA4T5X7+UwoRvyefSSHkUHXnGhxEug=
x-served-by: cache-fra-eddf8230069-FRA
last-modified: Sun, 29 Oct 2023 11:06:45 GMT
server: AmazonS3
x-timer: S1698676429.974011,VS0,VE105
etag: "8775b5aae97fb9376c5336225861cf49"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 81
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 124ms
36ms Script
application/javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7574ND

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

51f361716f7032e7456f1032326fdc3881a9462a0e8539ee3b02ad3f8316e0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 07:29:34 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=43440
accept-ranges: bytes
content-length: 3855

GET
H2 200 hotjar-2830954.js Show response
static.hotjar.com/c/ 10 KB
4 KB 84ms
27ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2830954.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7574ND

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

548c4fbd1a3f2512a7047fb241ce2f17f4d98634e2b27a1b5f5dac52be8ad877

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 14:33:48 GMT
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 58
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/337170ea994939ee4bcfeec8865383d2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: SWxHEW3LrvtDg19YmK5H9cDA6xEX4-Peqv20FIDwi4Cbr9-mOpSynA==

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 118ms
46ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7574ND

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 30 Oct 2023 14:33:48 GMT
last-modified: Fri, 20 Oct 2023 01:13:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1E5FDDA941A64C32A6C5B5AE4A2942B1 Ref B: FRAEDGE1414 Ref C: 2023-10-30T14:33:49Z
etag: "0125f9ff22da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13079

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 93ms
26ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:49 GMT
content-encoding: gzip
etag: "0nVqEbFaTM2zzuiWgn9NwQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 06 Nov 2023 14:33:49 GMT

GET
H/1.1 200
OK 9xfyyu.js Show response
px.owneriq.net/stas/s/ 14 KB
5 KB 97ms
26ms Script
text/javascript 23.199.216.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/stas/s/9xfyyu.js
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.199.216.148 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-216-148.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: 941bdbdcec8fbe92042127e7ad1b6ac8ffed0ef4a4f3ace309251967030baa0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 14:33:49 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Connection: keep-alive
Content-Length: 5087
Expires: Mon, 30 Oct 2023 14:33:49 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 85ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da88b5aaa98c29a87e083a9edc66b83263a994d39634d80696eaf0532485c142

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 30 Oct 2023 14:33:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54253
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: noKFcxfWUnAZmE/rn7/dAqyLz55/IlU1fzrzUE50shmcPE0T98x8i3fIXvls4mNzjj9mr4PTyjFJwaY1MLEdqw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET collect.js
10154637.collect.igodigital.com/ 0
0

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 19 KB
7 KB 121ms
26ms Script
application/javascript 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7574ND
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 36ace6e4c38fc4c8a5904f8acd8359f20b14394d5f6177bde16607d10e0c1f7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 14:33:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Oct 2023 12:54:16 GMT
Server: AmazonS3
x-amz-request-id: 1C20WK9A31SR6BJJ
ETag: "defce75bc9a27c30948c8dc044bb8873"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=189
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6208
x-amz-id-2: C3jufSQt7b+aMwzA5iFWYBRJvbcy6Kpaxi1X+fgecgt7irKqLWmgXyOuizTYYFA1+j46z8ygOfUg/mZbGISNXQ==

GET
H2 200 / Show response
75fc01f3120645c39e3c70274c82795f.js.ubembed.com/ 458 B
710 B 358ms
195ms Script
application/javascript 2606:4700:4400::6812:27b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://75fc01f3120645c39e3c70274c82795f.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7574ND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74767d740310d5f7dcd8c80959b61eff71119da11ffb45b1e185ef471f273eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:49 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
etag: W/"47b81ecb706c16513b43867b22c18511-v0.180.1"
vary: Accept-Encoding, Referer
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
cf-ray: 81e4602259941e4f-FRA

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 23ms
22ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=connect.clickandpledge.com&t=xo&v=5.0.406&source=payments_sdk&mrid=LAZ7SVBZNW994&client_id=AXypFpZuG-ImdbRHSu8vzrPfJefzn8hbs7ab1206h7QHPurCqBFskI5FrwpxFDcFgwCYoOcD7zFTesOL&disableSetCookie=true&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: d2dbb468780ca
dc: ccg11-origin-www-1.paypal.com
content-length: 16488
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-0000000000000000000d2dbb468780ca-4e449d148110827f-01
etag: "64f25363-daa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 30 Oct 2023 15:33:49 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
511 B 285ms
188ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ALAZ7SVBZNW994-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ALAZ7SVBZNW994-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0c8d86d6-d047-4925-bded-8ec7d84613d3&fltp=analytics&mrid=LAZ7SVBZNW994&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donate&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1698676428921&g=-60&completeurl=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 30 Oct 2023 14:33:49 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 6875709e2f30e
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230123-FRA
pragma: no-cache
correlation-id: 6875709e2f30e
traceparent: 00-00000000000000000006875709e2f30e-52aa49b270e87ad1-01
x-timer: S1698676429.111741,VS0,VE160
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Oct 2023 14:33:49 GMT

GET
H/1.1 200
OK sdk Show response
ssl.kaptcha.com/collect/ Frame 2925 5 KB
6 KB 707ms
198ms Script
text/javascript 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/sdk?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/logo.aspx?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ce3b65ed6b803306f411d7f27abf4750ed0199dab8ebd832aed3185310846efb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Oct 2023 14:33:49 GMT
X-Correlation-Id: a245ab66-88ab-4daf-aa6d-5933ab6922cc
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3p: CP=CAO PSA OUR
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame D42C 200 B
840 B 23ms
23ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.clickandpledge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 4468150
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 14:33:48 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 157409
x-content-type-options: nosniff
x-request-id: 42509755-e17e-4fb5-9406-2bc35a994740
x-served-by: cache-fra-eddf8230064-FRA

POST
H2 200 getExpirationYear Show response
connect.clickandpledge.com/w/Service/Payment/getInfo.asmx/ 595 B
1013 B 877ms
877ms XHR
application/json 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Service/Payment/getInfo.asmx/getExpirationYear

Requested by

Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/scripts/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3760fbbef56a962e0f22e6e14a5830dfe93375438d064b2c8adf618c5bea2786

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 30 Oct 2023 14:33:49 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
x-robots-ta: noindex, nofollow
content-length: 595
x-amz-cf-id: 5kGGZmkKra4AmBSdhX0WVe5oUFtkHtO9m8bMFgt_Gkgtf8AXRANlhA==

POST
H2 200 getAccountConfig Show response
connect.clickandpledge.com/w/Service/Payment/getInfo.asmx/ 306 B
683 B 321ms
321ms XHR
application/json 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Service/Payment/getInfo.asmx/getAccountConfig

Requested by

Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/scripts/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

896720e3d00918f1591f42c1d808fdf1eb0d0db93d1fb87667fd70133e96acef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 30 Oct 2023 14:33:49 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
x-robots-ta: noindex, nofollow
content-length: 306
x-amz-cf-id: VhR5nL3RWGEilx6povvGsWbhRXCeIUTHkKazQhHNBMe1hYjrdrVUpw==

POST
H2 200 getCardType Show response
connect.clickandpledge.com/w/Service/Payment/getInfo.asmx/ 121 B
497 B 413ms
413ms XHR
application/json 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Service/Payment/getInfo.asmx/getCardType

Requested by

Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/scripts/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

25d03839cb7fe57c7f74b88fa910fad5aa7c5b5de22457d12d012600cd375446

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 30 Oct 2023 14:33:49 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
x-robots-ta: noindex, nofollow
content-length: 121
x-amz-cf-id: ibb05SHprv9MpmSQG1zidBZrMIuvO9cdJWulHmvE9huFfTmjPyHWvg==

GET
H2 200 controller-590d20884f008a0f180315cd2bd36918.html Show response
js.stripe.com/v3/ Frame F77D 325 B
716 B 22ms
21ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-590d20884f008a0f180315cd2bd36918.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

98664c05508facd441cca7281149fd48a73d9deb2379ae7044040769fe37f8be

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.clickandpledge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 44
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 14:33:50 GMT
etag: "590d20884f008a0f180315cd2bd36918"
last-modified: Fri, 27 Oct 2023 20:07:46 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 16
x-content-type-options: nosniff
x-request-id: cc99a16a-1e8c-4222-9619-7a9f35f354e0
x-served-by: cache-fra-eddf8230064-FRA

GET
H2 200 payment-request-inner-google-pay-056ff14ca6b9a1056afc720594b10fa0.html Show response
js.stripe.com/v3/ Frame 7B14 408 B
1 KB 21ms
21ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-056ff14ca6b9a1056afc720594b10fa0.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

593551bd7d6e1c50e232bc51583f449ad156a62a423b316756a36d1a566c6606

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.clickandpledge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 238780
cache-control: max-age=31536000
content-encoding: br
content-length: 221
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 14:33:50 GMT
etag: "056ff14ca6b9a1056afc720594b10fa0"
last-modified: Fri, 27 Oct 2023 20:08:03 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2917
x-content-type-options: nosniff
x-request-id: 792d6193-2bd3-4513-89ae-d1f81aa7cf49
x-served-by: cache-fra-eddf8230064-FRA

GET
H2 200 payment-request-inner-browser-35aa40092c2dacf46311a4316fd7a049.html Show response
js.stripe.com/v3/ Frame DF02 344 B
1004 B 20ms
20ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-35aa40092c2dacf46311a4316fd7a049.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

992447c4f986619445b240b94287101562b1dacf9d7f1c4b1312f9f00e71f5aa

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.clickandpledge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 24
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 14:33:50 GMT
etag: "35aa40092c2dacf46311a4316fd7a049"
last-modified: Fri, 27 Oct 2023 20:08:03 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: 8baca300-7aae-406b-8c8f-59e62bf410cd
x-served-by: cache-fra-eddf8230064-FRA

POST
H2 200 States_Restrict Show response
connect.clickandpledge.com/w/Service/Payment/getInfo.asmx/ 591 B
967 B 334ms
334ms XHR
application/json 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.clickandpledge.com/w/Service/Payment/getInfo.asmx/States_Restrict

Requested by

Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/scripts/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7d8f800beeee2cf67c54f38d5c2af7e2b836bc42df797f00243c61f73c40bb2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 30 Oct 2023 14:33:50 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
x-robots-ta: noindex, nofollow
content-length: 591
x-amz-cf-id: Rs3hsd6B6dYGjtG-3Ho8Ll3IbF9C53ZQ3vjA-pnrGU_c2yuCEQXwjQ==

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CF7E 58 KB
34 KB 52ms
51ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeqPaAUAAAAAChImeD6KE6vSwHUtHOZeit8eVeA&co=aHR0cHM6Ly9jb25uZWN0LmNsaWNrYW5kcGxlZGdlLmNvbTo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=4lply8rrlllx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3e27ab937fd4d5dda9b7c497db93b06f224bcb46c082ceced920377d9464712

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f4jH7C_KfvJKN49ahXBeyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.clickandpledge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-f4jH7C_KfvJKN49ahXBeyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 14:33:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D42C 631 B
593 B 21ms
20ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 14:33:51 GMT
via: 1.1 varnish
age: 4468153
x-cache: HIT
content-length: 399
x-request-id: 340723b2-ea64-49bf-a70f-1a5a627a124f
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 149600

GET Tofino-regular.otf
www.ceres.org/themes/ceres/assets/fonts/Tofino-regular/ 0
0

GET Tofino-book.otf
www.ceres.org/themes/ceres/assets/fonts/Tofino-book/ 0
0

GET Tofino-bold.otf
www.ceres.org/themes/ceres/assets/fonts/Tofino-bold/ 0
0

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame F88F 273 KB
76 KB 31ms
31ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?sdkVersion=5.0.406&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVh5cEZwWnVHLUltZGJSSFN1OHZ6clBmSmVmem44aGJzN2FiMTIwNmg3UUhQdXJDcUJGc2tJNUZyd3B4RkRjRmd3Q1lvT2NEN3pGVGVzT0wmaW50ZW50PWNhcHR1cmUmY3VycmVuY3k9VVNEJmRlYnVnPWZhbHNlJmVuYWJsZS1mdW5kaW5nPXZlbm1vJmRpc2FibGUtZnVuZGluZz1wYXlsYXRlcixjcmVkaXQsY2FyZCZtZXJjaGFudC1pZD1MQVo3U1ZCWk5XOTk0IiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiQ2xpY2thbmRwbGVkZ2VfQ2FydCIsImRhdGEtdWlkIjoidWlkX2x1Z21leWt0em52ZHBpZXd1dHBwZmRoYmh3eWZ2cSJ9fQ&clientID=AXypFpZuG-ImdbRHSu8vzrPfJefzn8hbs7ab1206h7QHPurCqBFskI5FrwpxFDcFgwCYoOcD7zFTesOL&sdkCorrelationID=f556723677c1f&storageID=uid_ecb1f0dbaf_mtq6mzm6ndg&sessionID=uid_e0ee4189e3_mtq6mzm6ndg&buttonSessionID=uid_ae1d2beb30_mtq6mzm6ndg&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=paylater&disableFunding.1=credit&disableFunding.2=card&merchantID.0=LAZ7SVBZNW994&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

85483e1cac61eec394690fed1bfe34107d8012e5cfa5f350960e255ad5ad6638

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-CafUwL3NaQTdJklhlbEIYwJgS+Nia9YOlIekiqUw26PujD9u' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-CafUwL3NaQTdJklhlbEIYwJgS+Nia9YOlIekiqUw26PujD9u' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.406&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVh5cEZwWnVHLUltZGJSSFN1OHZ6clBmSmVmem44aGJzN2FiMTIwNmg3UUhQdXJDcUJGc2tJNUZyd3B4RkRjRmd3Q1lvT2NEN3pGVGVzT0wmaW50ZW50PWNhcHR1cmUmY3VycmVuY3k9VVNEJmRlYnVnPWZhbHNlJmVuYWJsZS1mdW5kaW5nPXZlbm1vJmRpc2FibGUtZnVuZGluZz1wYXlsYXRlcixjcmVkaXQsY2FyZCZtZXJjaGFudC1pZD1MQVo3U1ZCWk5XOTk0IiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiQ2xpY2thbmRwbGVkZ2VfQ2FydCIsImRhdGEtdWlkIjoidWlkX2x1Z21leWt0em52ZHBpZXd1dHBwZmRoYmh3eWZ2cSJ9fQ&clientID=AXypFpZuG-ImdbRHSu8vzrPfJefzn8hbs7ab1206h7QHPurCqBFskI5FrwpxFDcFgwCYoOcD7zFTesOL&sdkCorrelationID=f556723677c1f&storageID=uid_ecb1f0dbaf_mtq6mzm6ndg&sessionID=uid_e0ee4189e3_mtq6mzm6ndg&buttonSessionID=uid_ae1d2beb30_mtq6mzm6ndg&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=paylater&disableFunding.1=credit&disableFunding.2=card&merchantID.0=LAZ7SVBZNW994&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-CafUwL3NaQTdJklhlbEIYwJgS+Nia9YOlIekiqUw26PujD9u' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-CafUwL3NaQTdJklhlbEIYwJgS+Nia9YOlIekiqUw26PujD9u' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Mon, 30 Oct 2023 14:33:51 GMT
age: 3
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f220299c865df
server-timing: "traceparent;desc="00-0000000000000000000f220299c865df-4feabd5a0ddcf878-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 76672
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230134-FRA, cache-fra-eddf8230134-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f220299c865df-612af44cfc03b296-01
x-timer: S1698676431.075360,VS0,VE9
etag: W/"12b80-4xxEosKDXeBG5TDfg/elxQf8ao8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 404 check.gif
connect.clickandpledge.com/w/img/ Frame 3401 103 B
103 B 123ms
123ms Image
text/html 2600:9000:2156:6c00:15:a715:1180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.clickandpledge.com/w/img/check.gif?id=

Requested by

Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/parentpage.aspx?id=95bf5259-2fa7-4349-828b-8e506347ba92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6c00:15:a715:1180:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/w/parentpage.aspx?id=95bf5259-2fa7-4349-828b-8e506347ba92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:50 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA50-C1
x-cache: Error from cloudfront
content-type: text/html
access-control-allow-origin: *
x-robots-ta: noindex, nofollow
content-length: 103
x-amz-cf-id: vrpfY8DEYgnWizn1w__xzWmPKdzM-Lu1lILZ4SoPo7oyup6Oh-PcLg==

GET
H2 200 shared-8d4f78d69d47855dadb7b4b86adc26d3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F77D 515 KB
126 KB 25ms
25ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-590d20884f008a0f180315cd2bd36918.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a66905672d7e0eea64699d27f6cfa162de87e4e36f14fdbb255b84a280c104ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-590d20884f008a0f180315cd2bd36918.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 14:33:51 GMT
via: 1.1 varnish
age: 239095
x-cache: HIT
content-length: 128385
x-request-id: a66606bb-433f-4824-84c4-515012306559
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Fri, 27 Oct 2023 20:08:01 GMT
server: Fastly
etag: "fb349ea60dd87eea65afeb2afcc44a03"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7651

GET
H2 200 controller-603f3a4d78ad4fd26331acb1cf82af4d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F77D 653 KB
170 KB 25ms
25ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-603f3a4d78ad4fd26331acb1cf82af4d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-590d20884f008a0f180315cd2bd36918.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

288ab98b390a06f3c1be6ea85b95673fa3dec961e4b465c28efb3ec0a87d5bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-590d20884f008a0f180315cd2bd36918.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 14:33:51 GMT
via: 1.1 varnish
age: 239095
x-cache: HIT
content-length: 173877
x-request-id: e55d762d-7653-43f7-ad7c-5643c433b808
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Fri, 27 Oct 2023 20:07:58 GMT
server: Fastly
etag: "02acf19ad48507f021409a0a7c58ec7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7055

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 7B14 117 KB
36 KB 184ms
79ms Script
application/javascript 2a00:1450:4013:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-056ff14ca6b9a1056afc720594b10fa0.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c06::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

331d24a00a946028929a1df7630b39067f29a853046938c16ab88e3c8992ec9a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-C3UJg2ieBZfEQS1Tb5XiEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-C3UJg2ieBZfEQS1Tb5XiEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 30 Oct 2023 14:33:51 GMT

GET
H2 200 shared-8d4f78d69d47855dadb7b4b86adc26d3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7B14 515 KB
126 KB 26ms
25ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-056ff14ca6b9a1056afc720594b10fa0.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a66905672d7e0eea64699d27f6cfa162de87e4e36f14fdbb255b84a280c104ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-056ff14ca6b9a1056afc720594b10fa0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 14:33:51 GMT
via: 1.1 varnish
age: 239095
x-cache: HIT
content-length: 128385
x-request-id: cfa3fd9e-36de-417b-a8c3-b4899163eb54
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Fri, 27 Oct 2023 20:08:01 GMT
server: Fastly
etag: "fb349ea60dd87eea65afeb2afcc44a03"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7652

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7B14 10 KB
4 KB 21ms
19ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-056ff14ca6b9a1056afc720594b10fa0.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-056ff14ca6b9a1056afc720594b10fa0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 14:33:51 GMT
via: 1.1 varnish
age: 508312
x-cache: HIT
content-length: 4272
x-request-id: 7bf4961d-ff77-43c6-9597-516e36536137
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Tue, 24 Oct 2023 17:19:12 GMT
server: Fastly
etag: "947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5908

GET
H2 200 shared-8d4f78d69d47855dadb7b4b86adc26d3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DF02 515 KB
126 KB 33ms
33ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-35aa40092c2dacf46311a4316fd7a049.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a66905672d7e0eea64699d27f6cfa162de87e4e36f14fdbb255b84a280c104ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-35aa40092c2dacf46311a4316fd7a049.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 14:33:51 GMT
via: 1.1 varnish
age: 239095
x-cache: HIT
content-length: 128385
x-request-id: cf5be20e-fcc3-4255-a3b3-18ae0c1a55b3
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Fri, 27 Oct 2023 20:08:01 GMT
server: Fastly
etag: "fb349ea60dd87eea65afeb2afcc44a03"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7653

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DF02 12 KB
5 KB 32ms
32ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-35aa40092c2dacf46311a4316fd7a049.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-35aa40092c2dacf46311a4316fd7a049.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 14:33:51 GMT
via: 1.1 varnish
age: 1769301
x-cache: HIT
content-length: 4877
x-request-id: 485bc980-b4d8-43e3-aa7e-0bc42d8fd7ed
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Mon, 09 Oct 2023 20:07:19 GMT
server: Fastly
etag: "330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8895

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 96ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q6HNM6861G&gtm=45je3ap0v889594186z877014623&_p=647717286&_gaz=1&gcd=11l1l1l1l1&cid=110575217.1698676431&ul=en-us&ir=1&_eu=EA&_geo=1&_rdi=1&_s=1&sid=1698676431&sct=1&seg=0&dl=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&dt=Donate&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q6HNM6861G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 14:33:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://connect.clickandpledge.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
261 B 92ms
30ms Ping
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q6HNM6861G&cid=110575217.1698676431&gtm=45je3ap0v889594186z877014623&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q6HNM6861G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 14:33:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://connect.clickandpledge.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 135ms
60ms Image
image/gif 2a00:1450:4005:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q6HNM6861G&cid=110575217.1698676431&gtm=45je3ap0v889594186z877014623&aip=1&z=2044466355

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4005:800::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 14:33:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame D42C 0
716 B 883ms
421ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698676431899058
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698676431898022
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D42C 0
716 B 893ms
431ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698676431900655
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698676431898070
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
DATA 200
OK truncated
/ Frame F88F 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F88F 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F88F 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F88F 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa36dc4164bef3a7b5007ecad5fed164b0c85feb478890782c6cb59bc56d6afa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 csp-report
q.stripe.com/ Frame F77D 0
716 B 871ms
421ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698676431900338
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698676431898059
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7B14 0
716 B 856ms
409ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698676431898351
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698676431897859
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7B14 0
717 B 844ms
397ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698676431897174
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698676431896876
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DF02 0
716 B 851ms
404ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698676431898123
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698676431897817
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DF02 0
716 B 867ms
420ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698676431898634
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698676431897861
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame CF7E 55 KB
24 KB 73ms
22ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeqPaAUAAAAAChImeD6KE6vSwHUtHOZeit8eVeA&co=aHR0cHM6Ly9jb25uZWN0LmNsaWNrYW5kcGxlZGdlLmNvbTo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=4lply8rrlllx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 03:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Oct 2024 03:37:35 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame CF7E 464 KB
186 KB 86ms
35ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 12:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190277
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Oct 2024 12:46:22 GMT

GET
H2 200 modules.69643a16c30805061a6a.js Show response
script.hotjar.com/ 228 KB
56 KB 99ms
27ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.69643a16c30805061a6a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2830954.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

804b13b5357088583d46a0f1d21d67a55ee5717953267d4fee9b2dcccf43b128

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 13:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 4485
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56520
last-modified: Mon, 30 Oct 2023 13:18:22 GMT
etag: "d0307b1dda59561c66df55cc7b4ab03a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: zig_Hh3Dct9CxpLVrNA4h6JFNSpGWfvSAo2-uS2Ezgki8KpOOFMQ_w==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
216 B 29ms
27ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=647717286&t=pageview&_s=1&dl=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&ul=en-us&de=UTF-8&dt=Donate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=821245770&gjid=761130127&cid=110575217.1698676431&tid=UA-4546055-4&_gid=1377435693.1698676431&_r=1&_slc=1&gtm=45He3ap0n81K7574NDv77014623&gcd=11l1l1l1l1&z=1793483286

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.clickandpledge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 14:33:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://connect.clickandpledge.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
374 B 193ms
130ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=ceec7e45-b4c6-40e9-8e65-71c54cd26959&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=08eab6ff-5394-4907-88a4-33d790877fae&tw_document_href=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nwdom&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 105
date: Mon, 30 Oct 2023 14:33:50 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e521b59c960c4ca0
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7292bb8e0613590a7cb61e2f19a441c19a06ea0d6833017ca209fceb5cb650a4
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
239 B 203ms
134ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=ceec7e45-b4c6-40e9-8e65-71c54cd26959&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=08eab6ff-5394-4907-88a4-33d790877fae&tw_document_href=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nwdom&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 30 Oct 2023 14:33:50 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: f1e9271ed98096f0
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 23c96c4a47e2b28401782757e78038277c2544910ced615f7f89e9858f2e10f0
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
227 B 198ms
135ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=aed30481-4ce8-4bb8-b263-0bbd61f9ae22&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=08eab6ff-5394-4907-88a4-33d790877fae&tw_document_href=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1w3v&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 30 Oct 2023 14:33:51 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2b9399bd08f7b6d3
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7292bb8e0613590a7cb61e2f19a441c19a06ea0d6833017ca209fceb5cb650a4
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 202ms
133ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=aed30481-4ce8-4bb8-b263-0bbd61f9ae22&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=08eab6ff-5394-4907-88a4-33d790877fae&tw_document_href=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1w3v&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 30 Oct 2023 14:33:51 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: dd08517c8a2a6aa8
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 23c96c4a47e2b28401782757e78038277c2544910ced615f7f89e9858f2e10f0
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
205 B 273ms
211ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=f44dab09-95e3-4b0e-9269-480e10836a2a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=08eab6ff-5394-4907-88a4-33d790877fae&tw_document_href=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nwdom&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 185
date: Mon, 30 Oct 2023 14:33:50 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: cfc7632d7e3c1397
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7292bb8e0613590a7cb61e2f19a441c19a06ea0d6833017ca209fceb5cb650a4
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
217 B 263ms
195ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f44dab09-95e3-4b0e-9269-480e10836a2a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=08eab6ff-5394-4907-88a4-33d790877fae&tw_document_href=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nwdom&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-response-time: 173
date: Mon, 30 Oct 2023 14:33:50 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9e7646c7342a3adf
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 23c96c4a47e2b28401782757e78038277c2544910ced615f7f89e9858f2e10f0
content-length: 43

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
15 KB 35ms
35ms Script
application/javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f765b01b8f755175962ee1c368f6e476dfa67c7c370e9f764c83fb1ca3732922

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 07:29:35 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=9281
accept-ranges: bytes
content-length: 14938

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 38ms
38ms Script
application/javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7574ND

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

51f361716f7032e7456f1032326fdc3881a9462a0e8539ee3b02ad3f8316e0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 07:29:34 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=43438
accept-ranges: bytes
content-length: 3855

GET
H2 200 rules-p-m7Z_X5HCucuBL.js Show response
rules.quantcount.com/ 222 B
705 B 127ms
36ms Script
application/javascript 2600:9000:223c:6800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-m7Z_X5HCucuBL.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b34cb37307a818e873e4fefe113d912b7345165a988a6d6d9874c6cedf011c10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:23:42 GMT
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1573
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 222
last-modified: Thu, 13 Oct 2022 22:49:08 GMT
server: AmazonS3
etag: "b61bba35d441348df4a19fe836ce82fd"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: vhII7NQ1Y-Kl5V3mgSUzl2c3Q8I_af54Ms4jOUgrMJYAf2VXRfyTiA==

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 52C5 55 KB
17 KB 25ms
23ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.clickandpledge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16892
content-type: text/html
date: Mon, 30 Oct 2023 14:33:51 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc"
expires: Mon, 30 Oct 2023 15:33:51 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: 8df61794d0d09
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000008df61794d0d09-04632a4660860706-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H/1.1

200
OK

noop Show response
px.owneriq.net/ Frame 7174
Redirect Chain

https://px.owneriq.net/eps?pt=9xfyyu&pid=8363&uid=Q7519628312096628101J&l=true
https://px.owneriq.net/noop?ct=text%2Fhtml

0
369 B

48ms
24ms

Document
text/html

23.199.216.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/noop?ct=text%2Fhtml
Requested by: Host: px.owneriq.net
URL: https://px.owneriq.net/stas/s/9xfyyu.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.199.216.148 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-216-148.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.clickandpledge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 20
Content-Type: text/html;charset=UTF-8
Date: Mon, 30 Oct 2023 14:33:51 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: Apache/2.4.6 (CentOS)
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.33

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 30 Oct 2023 14:33:51 GMT
Location: https://px.owneriq.net/noop?ct=text%2Fhtml
Server: AkamaiGHost

GET
H/1.1

200
OK

noop Show response
px.owneriq.net/
Redirect Chain

https://px.owneriq.net/j/?ref=https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketin...
https://px.owneriq.net/noop?ct=application%2Fx-javascript

0
370 B

32ms
32ms

Script
application/x-javascript

23.199.216.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/noop?ct=application%2Fx-javascript
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Protocol: HTTP/1.1
Server: 23.199.216.148 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-216-148.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 14:33:51 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: keep-alive
Content-Length: 20

Redirect headers

Location: https://px.owneriq.net/noop?ct=application%2Fx-javascript
Date: Mon, 30 Oct 2023 14:33:51 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 90ms
23ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1698676431221&id=t2_77fek27h&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=50e9f344-1f90-4b95-82c7-df907c445675&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 147ms
37ms Script
application/javascript 99.86.114.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: 75fc01f3120645c39e3c70274c82795f.js.ubembed.com
URL: https://75fc01f3120645c39e3c70274c82795f.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.114.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-114-2.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 00:28:40 GMT
content-encoding: gzip
via: 1.1 0fe4e9874d2e0d61c17aa980fd6da8ee.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-C1
age: 8431512
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: z7GXLqNaLY-qGw299Pvb1L25e75gtljH7dU2ZwyBZWO8Bds5dfdDnA==

GET
H2 200 676081972763390 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 166ms
165ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/676081972763390?v=2.9.136&r=stable&domain=connect.clickandpledge.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9aeb00336a8b2698bf48bb36828a7137b65a95035b160d4fec959057966ddd3f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 30 Oct 2023 14:33:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Oc0i50DucPfjGFiW/yakiqiRTD0im35M5r2nVWPeu75/iQI+tM8XMDtn1Omwo2+PtkEos75M9nfpJWvMVd9vhQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1412570/trc/3/ 2 KB
2 KB 60ms
43ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1412570/trc/3/json?tim=1698676431258&data=%7B%22id%22%3A954%2C%22ii%22%3A%22%2Fw%2Fform%2F4f32b630-f556-487b-97e7-0c1a8f726287%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1698676431237%2C%22cv%22%3A%2220231026-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-meganmediacauseorg%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1698676431257%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM%22%2C%22tos%22%3A16%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1412570/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b382440aa8839854e794ddc21debfc768f17320bfcac7b13d145628550e2932c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-vcl-time-ms: 22
date: Mon, 30 Oct 2023 14:33:51 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.6840625
x-fastly-to-nlb-rtt: 7283
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230069-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1698676431.379510,VS0,VE22
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame B100 930 B
1 KB 33ms
20ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 203
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 14:33:51 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 354
x-content-type-options: nosniff
x-request-id: aea75ca7-b76b-4cb9-ae37-501b02483fb4
x-served-by: cache-fra-eddf8230064-FRA
x-timer: S1698676431.284160,VS0,VE0

POST
H/1.1 200
OK kasupport Show response
ssl.kaptcha.com/collect/ Frame 2925 2 KB
2 KB 610ms
202ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/kasupport
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/collect/sdk?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: d0ebf5edc4d90092b0a2b7bdbe9ac4e20fec0b791b37bc5cc902f6084de77f7a

Request headers

Referer: https://connect.clickandpledge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 30 Oct 2023 14:33:51 GMT
X-Correlation-Id: 1d6cd8c5-bef1-44c5-b474-14f7e55e6366
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0

GET
H/1.1 200
OK logo.htm Show response
ssl.kaptcha.com/ Frame F37C 22 KB
22 KB 198ms
198ms Document
text/html 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/collect/sdk?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 1d814bee6f3a92a5fb6cf5089a8ad5d49790794b4cdefdc1c6e61bd2d97dff3f

Request headers

Referer: https://connect.clickandpledge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Type: text/html
Date: Mon, 30 Oct 2023 14:33:51 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
X-Correlation-Id: 2dc0f157-4cb7-4912-9b33-a3086a33dfea

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 141 B
868 B 145ms
53ms Fetch
application/json 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&advertiser_id=33874
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 86b9da6f93cb2aea390ed4ac218c0e0fe8fe14539df92646d9cf4a9ba060918d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Oct 2023 14:33:51 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://connect.clickandpledge.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Origin-Trial: A/ZN3JeVl863wk4gji5LwmyqD8tQETuBB/T7ruSp8OvPp/kIaJGhw4I8mpB3u4vvQoSH2zniTHlhvlBBOA1ZbAkAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2OTUxNjc5OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Connection: keep-alive
Content-Length: 141
Expires: Mon, 30 Oct 2023 14:33:51 GMT

GET
H2 204 134203384.js Show response
bat.bing.com/p/action/ 0
116 B 45ms
45ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134203384.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 30 Oct 2023 14:33:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F8D5609BA4A240CDA4FF7A233B6C6982 Ref B: FRAEDGE1414 Ref C: 2023-10-30T14:33:51Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 62ms
62ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134203384&tm=gtm002&Ver=2&mid=9c1dc74a-c041-4b3d-b3da-c7a04e46b45c&sid=58449df0773111eeb18b89366abba90b&vid=5844c840773111ee91545b300b629492&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate&p=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&r=&lt=2651&evt=pageLoad&sv=1&rn=150430

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Oct 2023 14:33:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D32B69D9C244426AA8E8D8BA03CBFC95 Ref B: FRAEDGE1414 Ref C: 2023-10-30T14:33:51Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST csp-report
q.stripe.com/ Frame B100 0
0

POST
H2 200 csp-report
q.stripe.com/ Frame B100 0
490 B 662ms
410ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698676431898521
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1698676431897942
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame F77D 474 B
373 B 66ms
21ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8a035eb903f293d779f4f3e1655ff15c55602fa6cc9ac43cc406449bb6603800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-590d20884f008a0f180315cd2bd36918.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 42
x-cache: HIT
content-length: 298
x-request-id: c228ca1d-b485-4207-ab59-da42bfad8660
x-served-by: cache-fra-eddf8230115-FRA
last-modified: Fri, 27 Oct 2023 20:43:47 GMT
server: Fastly
etag: "e848dc37069d2abe4ada3ec15d3c2e6a"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame F77D 474 B
613 B 54ms
20ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8a035eb903f293d779f4f3e1655ff15c55602fa6cc9ac43cc406449bb6603800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-590d20884f008a0f180315cd2bd36918.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 42
x-cache: HIT
content-length: 298
x-request-id: d914bb36-fcd5-4bfb-a17b-e0370cc60a16
x-served-by: cache-fra-eddf8230115-FRA
last-modified: Fri, 27 Oct 2023 20:43:47 GMT
server: Fastly
etag: "e848dc37069d2abe4ada3ec15d3c2e6a"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 31ms
30ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4546055-4&cid=110575217.1698676431&jid=821245770&gjid=761130127&_gid=1377435693.1698676431&_u=YCDACEAABAAAACAAI~&z=1285680546

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.clickandpledge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Oct 2023 14:33:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://connect.clickandpledge.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame B100 87 KB
15 KB 23ms
23ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 30 Oct 2023 14:33:51 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 128
x-cache: HIT
content-length: 15509
x-request-id: 27a2ca68-e51b-4230-a6b4-ad294c740ce1
x-served-by: cache-fra-eddf8230064-FRA
server: Fastly
x-timer: S1698676431.499728,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 242

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CF7E 2 KB
2 KB 22ms
22ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 15:15:26 GMT
x-content-type-options: nosniff
age: 343105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 02 Nov 2023 15:15:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CF7E 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 214548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CF7E 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:06:30 GMT
x-content-type-options: nosniff
age: 332841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:06:30 GMT

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 52C5 18 B
209 B 206ms
204ms Fetch
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (daa/7D46) /

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
paypal-debug-id: e3c1a2b231fc7
dc: ccg11-origin-www-1.paypal.com
content-length: 18
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
server: ECAcc (daa/7D46)
traceparent: 00-0000000000000000000e3c1a2b231fc7-2aa1c4f51f039321-01
etag: "60271cd0-12"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 30 Oct 2023 14:33:50 GMT

GET Tofino-regular.woff
www.ceres.org/themes/ceres/assets/fonts/Tofino-regular/ 0
0

GET Tofino-bold.woff
www.ceres.org/themes/ceres/assets/fonts/Tofino-bold/ 0
0

GET Tofino-book.woff
www.ceres.org/themes/ceres/assets/fonts/Tofino-book/ 0
0

GET
H2 204 2830954 Show response
vc.hotjar.io/sessions/ 0
257 B 134ms
53ms XHR
text/plain 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2830954?s=0.25&r=0.2322409597566717
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.69643a16c30805061a6a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: KxxKn9wWD_7IE7HUtG3wdrXH5ScsoLbLRJ7oJmt0qWasbgtQxO4ToQ==

GET
H/1.1 200
OK check.gif
s3.amazonaws.com/clickandpledge/Verify/ Frame F37C 43 B
398 B 407ms
147ms Image
image/gif 54.231.169.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/clickandpledge/Verify/check.gif
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.169.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a21175a8c20c468bd729dc4d9a2f55144ff80ff1940ceb5f62c70772575f0dcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssl.kaptcha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 14:33:52 GMT
Last-Modified: Mon, 08 Aug 2016 21:18:33 GMT
Server: AmazonS3
x-amz-request-id: 83EY8WTXCF52Q0J2
ETag: "2dacb5bbb79e92883bee27dfa8c7d05b"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 43
x-amz-id-2: qx0pAj+LNqlZqE/EhxTNVD8JR2Es5HJrAgkuqn34nVa3euTxiyqCGOEjnLBg7WHn4Y18YvIE7iU=

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CF7E 102 B
135 B 31ms
30ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

30975b0b631b9f6f88072ddf89478e63d755bff1d6cc5d6d799790067438c578

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeqPaAUAAAAAChImeD6KE6vSwHUtHOZeit8eVeA&co=aHR0cHM6Ly9jb25uZWN0LmNsaWNrYW5kcGxlZGdlLmNvbTo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=4lply8rrlllx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 30 Oct 2023 14:33:51 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 48ms
47ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4546055-4&cid=110575217.1698676431&jid=821245770&_u=YCDACEAABAAAACAAI~&z=1104361536

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 14:33:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 60ms
59ms Image
image/gif 2a00:1450:4005:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4546055-4&cid=110575217.1698676431&jid=821245770&_u=YCDACEAABAAAACAAI~&z=1104361536

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4005:800::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 14:33:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
213 B 188ms
187ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ALAZ7SVBZNW994-1&page=muse%3Aoffer%3A%3A%3ALAZ7SVBZNW994-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0c8d86d6-d047-4925-bded-8ec7d84613d3&es=visitorInfoFlowStarted&mrid=LAZ7SVBZNW994&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donate&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1698676431640&g=-60&completeurl=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 30 Oct 2023 14:33:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 46a254418cd99
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230123-FRA
pragma: no-cache
correlation-id: 46a254418cd99
traceparent: 00-000000000000000000046a254418cd99-3e6d0f9e4c4efb2e-01
x-timer: S1698676432.651781,VS0,VE161
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Oct 2023 14:33:51 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame B563 19 KB
8 KB 96ms
94ms Document
text/html 2a00:1450:4013:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c06::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a1e5da2d96b684a4cf0480ce9e9ccfb54fac54b4871c86b40719ab0c3ef0129

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-HrleOHMPWqP2aEWDF3HrdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-HrleOHMPWqP2aEWDF3HrdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 30 Oct 2023 14:33:51 GMT
expires: Mon, 30 Oct 2023 14:33:51 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame F77D 2 KB
3 KB 340ms
241ms Fetch
application/json 198.137.150.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.137.150.141 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fbe7b28244c92588fbfd6ca8e7bf51402fe07697ae4bedfdd23f1b99e530fd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy-report-only: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
cross-origin-resource-policy: same-site
content-length: 1972
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
444 B 250ms
193ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://connect.clickandpledge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B6F5DA2BC518414A9362910282A1F08B Ref B: FRAEDGE1218 Ref C: 2023-10-30T14:33:51Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://connect.clickandpledge.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYI7+1OSrbOO5qRlv3TOw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431673&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431673&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D370060%252C5474844%252C88884%252C4575604%252C4019185%26time%3D1698676431673%26url...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431673&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431673&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7...

0
144 B

209ms
208ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431673&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKF3HgszAkZ3gAAAYuBAV3TT6hCdjfE4Ls09Z1ohpPew6caX1jqGRz6-cgqruPu8UZ8eeNlM26E
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:52 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4F5C5F244DEB46D2A80D89CBF1B428E8 Ref B: DUS30EDGE0720 Ref C: 2023-10-30T14:33:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYI7+1aNC3HqsI4Lssiig==

Redirect headers

date: Mon, 30 Oct 2023 14:33:52 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B4EAB66CE0814BDFA814F7D93C187803 Ref B: FRAEDGE1218 Ref C: 2023-10-30T14:33:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431673&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKF3HgszAkZ3gAAAYuBAV3TT6hCdjfE4Ls09Z1ohpPew6caX1jqGRz6-cgqruPu8UZ8eeNlM26E
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYI7+1WWq95m7ElJLqyiw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431674&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431674&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D370060%252C5474844%252C88884%252C4575604%252C4019185%26time%3D1698676431674%26url...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431674&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431674&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7...

0
266 B

205ms
203ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431674&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLotbIcUzM-ewAAAYuBAV2gGNwYduxMA8zJwGQVgrihMNQ23ZBTOQkw464k4ohaiK80RiKscEEW
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:52 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6D8848AA035541578AE0F2D7339F462D Ref B: DUS30EDGE0720 Ref C: 2023-10-30T14:33:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYI7+1Y3CX9DP7mJgsy9w==

Redirect headers

date: Mon, 30 Oct 2023 14:33:52 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 30B1B49A314641338948239BA6B57A7A Ref B: FRAEDGE1218 Ref C: 2023-10-30T14:33:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431674&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLotbIcUzM-ewAAAYuBAV2gGNwYduxMA8zJwGQVgrihMNQ23ZBTOQkw464k4ohaiK80RiKscEEW
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYI7+1VhnxUmh2Rfspdcw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431675&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431675&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431675&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7...

0
144 B

342ms
236ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431675&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2&cookiesTest=true&e_ipv6=AQIGXUAnmDilEgAAAYuBAV0794RCcq7wnXXPvxkg3myPk6ZTuA-8Or_WBRYhO-KSuPr3lxkbwcqN
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:52 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5EC693232A364150883AC6E820C71E9E Ref B: DUS30EDGE0720 Ref C: 2023-10-30T14:33:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYI7+1Y7XfEcnGAZwmCzw==

Redirect headers

date: Mon, 30 Oct 2023 14:33:52 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 42CAD931E8094F86B1235AA87AC2A429 Ref B: FRAEDGE1218 Ref C: 2023-10-30T14:33:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=370060%2C5474844%2C88884%2C4575604%2C4019185&time=1698676431675&url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&tm=gtmv2&cookiesTest=true&e_ipv6=AQIGXUAnmDilEgAAAYuBAV0794RCcq7wnXXPvxkg3myPk6ZTuA-8Or_WBRYhO-KSuPr3lxkbwcqN
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYI7+1UCiAlR3jE1dKwEw==

GET
H2 200 pixel;r=1451733238;labels=_fp.event.Default;rf=0;a=p-m7Z_X5HCucuBL;url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium...
pixel.quantserve.com/ 35 B
372 B 38ms
31ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1451733238;labels=_fp.event.Default;rf=0;a=p-m7Z_X5HCucuBL;url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM;uht=2;fpan=1;fpa=P0-1234364814-1698676431207;pbc=;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=clickandpledge.com;dst=1;et=1698676431676;tzo=-60;ogl=title.%2Cdescription.%2Cimage.https%3A%2F%2Fconnect%252Eclickandpledge%252Ecom%2Fimg%2FOrg-Share-default%252Epng%3F638342588276445382%2Curl.https%3A%2F%2Fconnect%252Eclickandpledge%252Ecom%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%2Cupdated_time.638342588276601720%2Ctype.article;ses=15cbb2e1-99ab-411b-8c03-0f31b97ad823;mdl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 14:33:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 2303249593224994 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 169ms
169ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2303249593224994?v=2.9.136&r=stable&domain=connect.clickandpledge.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9581c6607bada7492388b917a6f8339a06c076746fe7b2f7f4b3f9bccc8142a9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 30 Oct 2023 14:33:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 6cWMcOrkE0C9moBlVvKbiTWapvMo4bkncyOMwEWv68UIx/Jyzy7ZwbRfDDZYC1csPxr3FWWxF2OsBwQnEljfcg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 98ms
21ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=676081972763390&ev=PageView&dl=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&rl=&if=false&ts=1698676431709&sw=1600&sh=1200&v=2.9.136&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1698676431707.1243414974&cs_est=true&ler=empty&it=1698676431235&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 30 Oct 2023 14:33:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame F88F 1 KB
1 KB 238ms
237ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

30b51d648d2b31b1edfb6335bc1bf143397932184fc624851dac2f0eab8dfaeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.406&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVh5cEZwWnVHLUltZGJSSFN1OHZ6clBmSmVmem44aGJzN2FiMTIwNmg3UUhQdXJDcUJGc2tJNUZyd3B4RkRjRmd3Q1lvT2NEN3pGVGVzT0wmaW50ZW50PWNhcHR1cmUmY3VycmVuY3k9VVNEJmRlYnVnPWZhbHNlJmVuYWJsZS1mdW5kaW5nPXZlbm1vJmRpc2FibGUtZnVuZGluZz1wYXlsYXRlcixjcmVkaXQsY2FyZCZtZXJjaGFudC1pZD1MQVo3U1ZCWk5XOTk0IiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiQ2xpY2thbmRwbGVkZ2VfQ2FydCIsImRhdGEtdWlkIjoidWlkX2x1Z21leWt0em52ZHBpZXd1dHBwZmRoYmh3eWZ2cSJ9fQ&clientID=AXypFpZuG-ImdbRHSu8vzrPfJefzn8hbs7ab1206h7QHPurCqBFskI5FrwpxFDcFgwCYoOcD7zFTesOL&sdkCorrelationID=f556723677c1f&storageID=uid_ecb1f0dbaf_mtq6mzm6ndg&sessionID=uid_e0ee4189e3_mtq6mzm6ndg&buttonSessionID=uid_ae1d2beb30_mtq6mzm6ndg&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=paylater&disableFunding.1=credit&disableFunding.2=card&merchantID.0=LAZ7SVBZNW994&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: application/json

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f3229066c1bc7
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230134-FRA, cache-fra-eddf8230134-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f3229066c1bc7-f2197e879c994bd7-01
x-timer: S1698676432.721254,VS0,VE213
etag: W/"400-Yx9C9h4hTP9SUO/rV1fnDjEDChA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 track
t.teads.tv/ 23 B
134 B 202ms
72ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=6.15.2_12a9676&provider=tag&advertiser_id=33874&referer=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&user_session_id=3695218a-f2a1-4782-ab72-8f5a2e55cf42
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Mon, 30 Oct 2023 14:33:51 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 428ms
415ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432103582
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698676432103334
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 428ms
415ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432101407
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1698676432101192
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 428ms
415ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432103404
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698676432103236
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 434ms
422ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432101317
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 8
x-stripe-client-envoy-start-time-us: 1698676432101164
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 426ms
414ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432098329
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1698676432096438
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 415ms
403ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432096616
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698676432096348
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 416ms
404ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432096830
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698676432096406
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 416ms
405ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432096721
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1698676432096540
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 415ms
404ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432096746
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698676432096637
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 409ms
400ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432096727
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698676432096594
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 409ms
401ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432096761
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698676432096614
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 423ms
414ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432101227
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1698676432101005
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 422ms
414ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432101321
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698676432101039
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 421ms
413ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432096834
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1698676432096481
access-control-allow-credentials: true
content-length: 0

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame F88F 1 KB
1 KB 230ms
229ms Ping
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

90e84936ddb9e64e67cd10a3e6d147dc5ba32d1313b59c64c60de5dde2e50341

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.406&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVh5cEZwWnVHLUltZGJSSFN1OHZ6clBmSmVmem44aGJzN2FiMTIwNmg3UUhQdXJDcUJGc2tJNUZyd3B4RkRjRmd3Q1lvT2NEN3pGVGVzT0wmaW50ZW50PWNhcHR1cmUmY3VycmVuY3k9VVNEJmRlYnVnPWZhbHNlJmVuYWJsZS1mdW5kaW5nPXZlbm1vJmRpc2FibGUtZnVuZGluZz1wYXlsYXRlcixjcmVkaXQsY2FyZCZtZXJjaGFudC1pZD1MQVo3U1ZCWk5XOTk0IiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiQ2xpY2thbmRwbGVkZ2VfQ2FydCIsImRhdGEtdWlkIjoidWlkX2x1Z21leWt0em52ZHBpZXd1dHBwZmRoYmh3eWZ2cSJ9fQ&clientID=AXypFpZuG-ImdbRHSu8vzrPfJefzn8hbs7ab1206h7QHPurCqBFskI5FrwpxFDcFgwCYoOcD7zFTesOL&sdkCorrelationID=f556723677c1f&storageID=uid_ecb1f0dbaf_mtq6mzm6ndg&sessionID=uid_e0ee4189e3_mtq6mzm6ndg&buttonSessionID=uid_ae1d2beb30_mtq6mzm6ndg&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=paylater&disableFunding.1=credit&disableFunding.2=card&merchantID.0=LAZ7SVBZNW994&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 30 Oct 2023 14:33:52 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f322906e5aa26
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230134-FRA, cache-fra-eddf8230134-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f322906e5aa26-1d411b65673a979f-01
x-timer: S1698676432.807862,VS0,VE205
etag: W/"400-T39l8CiKBAOuH8NL1ANeYZsQq4k"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame F37C 0
299 B 202ms
202ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 30 Oct 2023 14:33:51 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 056b9a6f-3d4d-4bf6-bc2e-9f3cacaa3502
Content-Length: 0
Expires: 0

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.e9pJnUUBfT4.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame B563 158 KB
56 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.e9pJnUUBfT4.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriTnXGfrM7He4xcu3RTc5XKCF4Q2A/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

951e0c96cea840af2b055a50b4434ef2dcf888eebc5f0380981c46a67059baff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 16:14:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57264
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 05:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 16:14:42 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame B100 156 B
670 B 882ms
204ms XHR
application/json 44.241.50.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.50.239 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-50-239.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f99fb616209cf216633bb421b8150f37baec57b7b7e0ab2d8c69e5fa2ffc511a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698676432600585
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1698676432600369
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 395ms
395ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432103576
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698676432103352
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 399ms
399ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432103839
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1698676432103378
access-control-allow-credentials: true
content-length: 0

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame B563 2 KB
2 KB 135ms
132ms Other
text/html 2a00:1450:4013:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c06::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 30 Oct 2023 14:33:51 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 239ms
192ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Mon, 30 Oct 2023 14:33:52 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f322906122d9b
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f322906122d9b-711358b3073b59a4-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-eddf8230029-FRA, cache-fra-eddf8230029-FRA
x-timer: S1698676432.903629,VS0,VE169

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 52C5 435 B
1 KB 282ms
281ms Fetch
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6771758e998b4859d0684474fa5a59fad372facc35360dddce6ac6f119adf450

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-eHisoBrC7s1Bxp3TCM5Bg3Ldm/dTiI1IptlEjYXLl8raHuEV' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-eHisoBrC7s1Bxp3TCM5Bg3Ldm/dTiI1IptlEjYXLl8raHuEV' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 30 Oct 2023 14:33:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f3229069e3ead
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230134-FRA, cache-fra-eddf8230134-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f3229069e3ead-f967f37e82e6ef61-01
x-timer: S1698676432.098324,VS0,VE259
etag: W/"1b3-dSntEHYgpNH+oOMNLHfE4wEV2P0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.e9pJnUUBfT4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2e... Frame B563 73 KB
27 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.e9pJnUUBfT4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2eD108U.L.B1.O/am=EIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj2OW3CsEbQirQUjgErLknl984Eow/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.e9pJnUUBfT4.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriTnXGfrM7He4xcu3RTc5XKCF4Q2A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf1d911a1b4fbb42246b59e3cbe5bf6fbefa3cc285065d02db8fa4a0c6e566f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:43:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27249
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 03:27:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 18:43:10 GMT

POST
H/1.1 200
OK cookiestore Show response
ssl.kaptcha.com/collect/ Frame 2925 0
299 B 200ms
200ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/cookiestore
Requested by: Host: connect.clickandpledge.com
URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.clickandpledge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 30 Oct 2023 14:33:51 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 292f13aa-c6be-4a13-9362-f5a810e39734
Content-Length: 0
Expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 21ms
21ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2303249593224994&ev=PageView&dl=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&rl=&if=false&ts=1698676431952&sw=1600&sh=1200&v=2.9.136&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1698676431707.1243414974&ler=empty&it=1698676431235&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 30 Oct 2023 14:33:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame FF26 7 KB
1 KB 39ms
38ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6LeqPaAUAAAAAChImeD6KE6vSwHUtHOZeit8eVeA

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a622076895d3d3b7409ad799f9410ccc12d3e0feebe0a05da42d9cbe9bdaf98e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZhiHyHSml96w1krAoYR0Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.clickandpledge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZhiHyHSml96w1krAoYR0Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 14:33:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame B563 1 MB
375 KB 82ms
81ms XHR
text/html 2a00:1450:4013:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c06::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16a060e150e8e80a71359a39972ffe7ef47d37c98da0abebe83a503dcdccbdb1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-CfX18vZk8yjYwxpukbQYEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-CfX18vZk8yjYwxpukbQYEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 30 Oct 2023 14:33:52 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame FF26 55 KB
24 KB 25ms
22ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6LeqPaAUAAAAAChImeD6KE6vSwHUtHOZeit8eVeA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 03:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Oct 2024 03:37:35 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame FF26 464 KB
186 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6LeqPaAUAAAAAChImeD6KE6vSwHUtHOZeit8eVeA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 12:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190277
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 04:01:46 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Oct 2024 12:46:22 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.e9pJnUUBfT4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2e... Frame B563 9 KB
4 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.e9pJnUUBfT4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2eD108U.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj2OW3CsEbQirQUjgErLknl984Eow/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc0f67393a95d3fbeb9fdda54dad46a14a78dbae2b6b425e5c69d5a74c873d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:43:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3935
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 03:27:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 18:43:10 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.e9pJnUUBfT4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2e... Frame B563 37 KB
14 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.e9pJnUUBfT4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2eD108U.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj2OW3CsEbQirQUjgErLknl984Eow/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31df49e25d88579264396cd28761b3d59ad51e376fab860b0836430e6c3d97f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:43:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14070
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 03:27:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 18:43:10 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 118ms
56ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 30 Oct 2023 14:33:52 GMT
expires: Mon, 30 Oct 2023 14:33:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame B563 131 B
155 B 136ms
84ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 30 Oct 2023 14:33:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Oct 2023 14:33:52 GMT

POST
H3 200 log Show response
play.google.com/ Frame B563 131 B
155 B 135ms
84ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 30 Oct 2023 14:33:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Oct 2023 14:33:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 116ms
56ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 30 Oct 2023 14:33:52 GMT
expires: Mon, 30 Oct 2023 14:33:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame B563 131 B
155 B 136ms
85ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 30 Oct 2023 14:33:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Oct 2023 14:33:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 116ms
57ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 30 Oct 2023 14:33:52 GMT
expires: Mon, 30 Oct 2023 14:33:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame B563 131 B
155 B 134ms
84ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 30 Oct 2023 14:33:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Oct 2023 14:33:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 115ms
57ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 30 Oct 2023 14:33:52 GMT
expires: Mon, 30 Oct 2023 14:33:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
275 B 349ms
345ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432297078
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 14
x-stripe-client-envoy-start-time-us: 1698676432296519
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 342ms
338ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432297063
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1698676432296618
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame F37C 0
299 B 218ms
218ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 30 Oct 2023 14:33:52 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: d186bd63-b813-433d-86e1-6ad88887a5ba
Content-Length: 0
Expires: 0

GET
H2 200 phone-numbers-lib-f19807cd8cf5390c9afa641cb061e0d6.js Show response
js.stripe.com/v3/fingerprinted/js/ 129 KB
35 KB 21ms
20ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-f19807cd8cf5390c9afa641cb061e0d6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bd3305cbe248a3e41e6515b13252574e43ca28e21b1a768cae80e883199763c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 14:33:52 GMT
via: 1.1 varnish
age: 1089382
x-cache: HIT
content-length: 36129
x-request-id: cb0c3a6e-acfc-44eb-97e6-6cb9340d93c6
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Thu, 12 Oct 2023 20:01:48 GMT
server: Fastly
etag: "7b4e2a05caba7714610def4c9240cad9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5714

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame F37C 0
299 B 427ms
208ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 30 Oct 2023 14:33:52 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: c295a632-2054-4fc1-966a-d5aafd2fbb4e
Content-Length: 0
Expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 328ms
328ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432297026
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698676432296577
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 328ms
327ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432297082
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698676432296611
access-control-allow-credentials: true
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame B563 131 B
155 B 136ms
86ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 30 Oct 2023 14:33:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Oct 2023 14:33:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 60ms
57ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 30 Oct 2023 14:33:52 GMT
expires: Mon, 30 Oct 2023 14:33:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame F37C 0
299 B 599ms
200ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 30 Oct 2023 14:33:52 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 1d25a90b-f7fa-4665-9b4f-3c8ebb41c677
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK fin Show response
ssl.kaptcha.com/ Frame F37C 0
299 B 610ms
209ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/fin
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=140200&s=5fbe32dfcea848aca155f903bf6513b9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 30 Oct 2023 14:33:52 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 7d840aa0-b80c-4196-9682-3ac45e87cc4f
Content-Length: 0
Expires: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 56ms
55ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 30 Oct 2023 14:33:52 GMT
expires: Mon, 30 Oct 2023 14:33:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame B563 131 B
155 B 131ms
85ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 30 Oct 2023 14:33:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Oct 2023 14:33:52 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 303ms
303ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432297631
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698676432297058
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 305ms
305ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432297521
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 6
x-stripe-client-envoy-start-time-us: 1698676432297110
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 290ms
289ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432302700
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1698676432302357
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 288ms
288ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432302636
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1698676432302400
access-control-allow-credentials: true
content-length: 0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame FF26 41 KB
25 KB 123ms
117ms XHR
application/json 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeqPaAUAAAAAChImeD6KE6vSwHUtHOZeit8eVeA

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f938dc52d6634f867742077015b583587413844543dc58e594110d89fc628fe9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6LeqPaAUAAAAAChImeD6KE6vSwHUtHOZeit8eVeA
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 30 Oct 2023 14:33:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 30 Oct 2023 14:33:52 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 269ms
252ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432307271
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698676432307149
access-control-allow-credentials: true
content-length: 0

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame FF26 600 B
624 B 24ms
24ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 21:31:20 GMT
x-content-type-options: nosniff
age: 147752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 04 Nov 2023 21:31:20 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame FF26 530 B
554 B 27ms
26ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 06:58:17 GMT
x-content-type-options: nosniff
age: 200135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 04 Nov 2023 06:58:17 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame FF26 665 B
689 B 26ms
25ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 07:38:49 GMT
x-content-type-options: nosniff
age: 284103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 03 Nov 2023 07:38:49 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FF26 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 214549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 02:58:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FF26 15 KB
15 KB 34ms
33ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 07:41:07 GMT
x-content-type-options: nosniff
age: 197565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 07:41:07 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FF26 15 KB
15 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:06:30 GMT
x-content-type-options: nosniff
age: 332842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:06:30 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame FF26 32 KB
32 KB 31ms
31ms Image
image/jpeg 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA5Ydymtc86sBU6MIuqVSpmHfC3Z9erK_g9Kkln-e2oXP-xg8hxqU4ujcxmWSFgDsew3p-mWeg5Ol2N2NZUaZvkyH-WaoJLc2b6k-qOa9UpiqGPhfdUXLDGTxvZjiwvLDtYX4Yj0UI_cVicpgdBuhhdX0DnyeEgPlnVvsDKt13Msyf8C1Gy8Hvq1f5hgghEafLpjcTBnjvgz62W321EdgwAwE4uWig&k=6LeqPaAUAAAAAChImeD6KE6vSwHUtHOZeit8eVeA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5824697179095a2a24b84536b73ffa30b624c149d1b7c37149db5007e1f2c345

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&k=6LeqPaAUAAAAAChImeD6KE6vSwHUtHOZeit8eVeA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:52 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 30 Oct 2023 14:33:52 GMT

GET
H2 200 plugin_settings Show response
doublethedonation.com/api/v1/ 653 B
536 B 357ms
122ms XHR
application/json 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://doublethedonation.com/api/v1/plugin_settings?customer_id=49LXydM47eJ5R3XX

Requested by

Host: doublethedonation.com
URL: https://doublethedonation.com/api/js/ddplugin.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

4b3a20f199918b9d6a56529929b58cbaa55db53b6cf376d7c96740516d410855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:33:53 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: br
server: nginx
x-frame-options: sameorigin
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 0 Show response
r.stripe.com/ Frame F77D 0
274 B 205ms
205ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8d4f78d69d47855dadb7b4b86adc26d3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
x-stripe-server-envoy-start-time-us: 1698676432816765
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1698676432816304
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame B100 156 B
669 B 205ms
204ms XHR
application/json 44.241.50.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.50.239 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-50-239.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f99fb616209cf216633bb421b8150f37baec57b7b7e0ab2d8c69e5fa2ffc511a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698676432831822
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1698676432831589
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame B100 156 B
669 B 255ms
254ms XHR
application/json 44.241.50.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.50.239 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-50-239.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f99fb616209cf216633bb421b8150f37baec57b7b7e0ab2d8c69e5fa2ffc511a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 30 Oct 2023 14:33:52 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698676432881693
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1698676432881429
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1014 B
891 B 191ms
191ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd91423610d703f6d18523ebe2ff147d7a5028a958e8e8f0048633c2707b2a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://connect.clickandpledge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: application/json

Response headers

date: Mon, 30 Oct 2023 14:33:53 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f92865750a759
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230029-FRA, cache-fra-eddf8230029-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f92865750a759-b626454b7378c4a4-01
x-timer: S1698676433.001986,VS0,VE168
etag: W/"3f6-aVM+x+xPe0iQWB2Tr0AR6QxwKN4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://connect.clickandpledge.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 229ms
229ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://connect.clickandpledge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://connect.clickandpledge.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Mon, 30 Oct 2023 14:33:52 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f928657c6c5ed
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f928657c6c5ed-67709f5b11bf6607-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230029-FRA, cache-fra-eddf8230029-FRA
x-timer: S1698676433.771916,VS0,VE205

GET
H2 204 unip Show response
trc-events.taboola.com/1412570/log/3/ 0
254 B 109ms
28ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1412570/log/3/unip?en=pre_d_eng_tb&tos=1621&scd=0&ssd=1&est=1698676431240&ver=36&isls=true&src=i&invt=1500&msa=1482&rv=1&tim=1698676432862&vi=1698676431237&ri=75985085fc5821f3350cf788303cb475&ref=null&cv=20231026-7-RELEASE&item-url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1412570/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: https://connect.clickandpledge.com
pragma: no-cache
date: Mon, 30 Oct 2023 14:33:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1412570/log/3/ 0
253 B 28ms
28ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1412570/log/3/unip?en=pre_d_eng_tb&tos=4622&scd=0&ssd=1&est=1698676431240&ver=36&isls=true&src=i&invt=3000&msa=1482&rv=1&tim=1698676435863&vi=1698676431237&ri=75985085fc5821f3350cf788303cb475&ref=null&cv=20231026-7-RELEASE&item-url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1412570/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: https://connect.clickandpledge.com
pragma: no-cache
date: Mon, 30 Oct 2023 14:33:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 36ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q6HNM6861G&gtm=45je3ap0v889594186z877014623&_p=647717286&gcd=11l1l1l1l1&cid=110575217.1698676431&ul=en-us&ir=1&_eu=EA&_geo=1&_rdi=1&_s=2&sid=1698676431&sct=1&seg=0&dl=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&dt=Donate&en=Donation%20Page%20View&ep.page_url=https%3A%2F%2Fconnect.clickandpledge.com%2Fw%2FForm%2F4f32b630-f556-487b-97e7-0c1a8f726287%3Futm_source%3Deofy_e5%26utm_medium%3Demail%26utm_campaign%3Ddev_eofy_appeal_ecomm%26utm_term%3Dmarketingcloud%26trk%3DO_E_2310_A_05_ECOMM&ep.ref=&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q6HNM6861G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.clickandpledge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 14:33:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://connect.clickandpledge.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.ceres.org
URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-book/Tofino-book.ttf

Domain: www.ceres.org
URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-bold/Tofino-bold.ttf

Domain: www.ceres.org
URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-regular/Tofino-regular.ttf

Domain: 10154637.collect.igodigital.com
URL: http://10154637.collect.igodigital.com/collect.js

Domain: www.ceres.org
URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-regular/Tofino-regular.otf

Domain: www.ceres.org
URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-book/Tofino-book.otf

Domain: www.ceres.org
URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-bold/Tofino-bold.otf

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: www.ceres.org
URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-regular/Tofino-regular.woff

Domain: www.ceres.org
URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-bold/Tofino-bold.woff

Domain: www.ceres.org
URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-book/Tofino-book.woff

Verdicts & Comments Add Verdict or Comment

423 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 20:10:28	Name: _GRECAPTCHA Value: 09ALsHHK0aN65mseIyDetpIN6kZyFuUm12-CxdiWWtZN1_K7iMN4O-U3D0d7dWHI3S9vk7ZZajJaKlRYeyLm_YYSg
connect.clickandpledge.com/	1969-12-31 23:59:59	Name: connectv3 Value: 4f5p2wslfktfq5tkcn0jipft
.clickandpledge.com/	1970-01-20 18:00:52	Name: _gcl_au Value: 1.1.1436577314.1698676429
.js.ubembed.com/	1970-01-20 15:51:18	Name: __cf_bm Value: aC88iRn8r_m05_QCf90oXVJOL6eJW045YQGusWpm1qA-1698676429-0-AW+RWMTUkAZ8xver9AH/qdYjPGuPetNUW5J7ahA2E8hF69U23hENRurBhzRAB4fFOKvdjkBdzAA0OXBG+2U585k=
.paypal.com/	1970-01-20 15:55:35	Name: tsrce Value: smartcomponentnodeweb
.paypal.com/	1970-01-20 15:51:18	Name: l7_az Value: dcg14.slc
.paypal.com/	1970-01-21 01:27:16	Name: ts Value: vreXpYrS%3D1793370828%26vteXpYrS%3D1698678228%26vr%3D810150bc18b0a79890ad9e69fd55672a%26vt%3D810150bc18b0a79890ad9e69fd556729%26vtyp%3Dnew
.paypal.com/	1970-01-21 01:27:16	Name: ts_c Value: vr%3D810150bc18b0a79890ad9e69fd55672a%26vt%3D810150bc18b0a79890ad9e69fd556729
connect.clickandpledge.com/	1969-12-31 23:59:59	Name: CnP_AB_FN_20210607 Value: Pay208\|ZT++0
ssl.kaptcha.com/	1970-01-20 18:00:52	Name: k Value: 2e71dde06ecb4d59823ed64b8fca9ac3
.clickandpledge.com/	1970-01-21 01:27:16	Name: _ga_Q6HNM6861G Value: GS1.1.1698676431.1.0.1698676431.60.0.0
.clickandpledge.com/	1970-01-21 01:27:16	Name: _ga Value: GA1.2.110575217.1698676431
.clickandpledge.com/	1970-01-20 15:52:42	Name: _gid Value: GA1.2.1377435693.1698676431
.clickandpledge.com/	1970-01-20 15:51:16	Name: _gat_UA-4546055-4 Value: 1
.clickandpledge.com/	1970-01-20 18:00:52	Name: _rdt_uuid Value: 1698676431219.50e9f344-1f90-4b95-82c7-df907c445675
.google.com/	1970-01-20 20:14:47	Name: NID Value: 511=Uy75wvUaL__n6rfaxFye4iP8A0g2ESle3Gk8ydzWNqK6UIR60lj7HeIOs6iLxFiCAM21m29Azob1u2V_FoTTxGguW9iH-GeEHI1Y3Ze_MYZGYjHmpFKgCerMosRYGv0hYPO8EtBfYq01RKqyU_4_aBG_QBDQWX1k3P0iSK2mZt0
.clickandpledge.com/	1970-01-20 15:52:42	Name: _uetsid Value: 58449df0773111eeb18b89366abba90b
.clickandpledge.com/	1970-01-21 01:12:52	Name: _uetvid Value: 5844c840773111ee91545b300b629492
.bing.com/	1970-01-21 01:12:52	Name: MUID Value: 1C5D9B6B8D0C6CDF2C0388D18C676DF4
.twitter.com/	1970-01-21 01:27:16	Name: personalization_id Value: "v1_FNh+wVl6CQaXNxWzmVdySw=="
.t.co/	1970-01-21 01:27:16	Name: muc_ads Value: 94999258-4ac8-4eb9-ba24-fea1d570cf39
.clickandpledge.com/	1970-01-21 00:36:52	Name: _hjSessionUser_2830954 Value: eyJpZCI6IjZjYTRmOWRjLWYxOGYtNWI5Ny04NWY5LTc2NGRhZDM3ZDFmNiIsImNyZWF0ZWQiOjE2OTg2NzY0MzE1NzcsImV4aXN0aW5nIjpmYWxzZX0=
.clickandpledge.com/	1970-01-20 15:51:18	Name: _hjFirstSeen Value: 1
.clickandpledge.com/	1970-01-20 15:51:16	Name: _hjIncludedInSessionSample_2830954 Value: 0
.clickandpledge.com/	1970-01-20 15:51:18	Name: _hjSession_2830954 Value: eyJpZCI6ImRlYWE4NTNhLTNlNWUtNDVkYS04YzNkLWY5MWU3ZjY5MDQwOCIsImNyZWF0ZWQiOjE2OTg2NzY0MzE1NzgsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.clickandpledge.com/	1970-01-20 15:51:18	Name: _hjAbsoluteSessionInProgress Value: 1
.clickandpledge.com/	1970-01-20 18:00:52	Name: _fbp Value: fb.1.1698676431707.1243414974
.clickandpledge.com/	1970-01-20 15:51:18	Name: tfpsi Value: 3695218a-f2a1-4782-ab72-8f5a2e55cf42
.quantserve.com/	1970-01-21 01:21:30	Name: mc Value: 653fbecf-aa9b0-63767-3a7d4
.clickandpledge.com/	1970-01-21 01:15:45	Name: __qca Value: P0-1234364814-1698676431207
connect.clickandpledge.com/	1970-01-21 00:36:52	Name: cdn.clickandpledge.140200.ka.ck Value: 4a37112e67b6aace5491fb9aebf995fa120e22052ab213e44a743296d4a7326c8decc966d7ec2f10765b21ac30fffa254c456ff1fc7e6bcfacabfb8792a63dc6426cfea9ea1982d5277c0dea4cd8dfecf12eefbbf1c02fe890ddc12956cb875af6134a1575b3570361498573bfb72f84e28d83aeac78b8c08ac0ff4bd0edb0ed4213c7055343c770f0242b13662e4012f274c9d4cd4f8cc4bd62
.linkedin.com/	1970-01-20 16:34:28	Name: UserMatchHistory Value: AQI38SqqbknACAAAAYuBAVxsrvCss8ja6xhOeN1ginwl6gfhvJw7x1QiELQCB6gkPhmuTsU0oockCA
.linkedin.com/	1970-01-20 16:34:28	Name: AnalyticsSyncHistory Value: AQKNsTDj4Zx13AAAAYuBAVxsOHJ5P1c35to4UvgRujb-Ey7mgccvD9XlnpdGCu9dPwXdXX4lgH8HunFuEAjT4A
.linkedin.com/	1970-01-20 18:00:52	Name: li_sugr Value: a680691e-535d-4abb-91d9-feef8ca9fa0d
.linkedin.com/	1970-01-21 00:36:52	Name: bcookie Value: "v=2&fc0b68e1-5060-48dc-8e10-b274fcdf038f"
.linkedin.com/	1970-01-20 15:52:42	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2625:u=1:x=1:i=1698676431:t=1698762831:v=2:sig=AQE0C_-lU8aVpAokPt_XfjzG51nSgNUf"
.www.linkedin.com/	1970-01-21 00:36:52	Name: bscookie Value: "v=1&20231030143352c7a9b58c-607d-4b27-8684-c14632e3b05cAQGV-SUVGNN0qov8g-HrE2-0ak3R0F4Z"
.linkedin.com/	1970-01-20 20:10:28	Name: li_gc Value: MTswOzE2OTg2NzY0MzI7MjswMjHznsHQyN6f31Gsj/mm3Fql02rqol/sAJG5j9bRp/8j5g==
m.stripe.com/	1970-01-21 01:27:16	Name: m Value: 1f7afb7b-f2a4-4e45-abf0-31ab854872f8e78f35
connect.clickandpledge.com/	1970-01-20 15:51:18	Name: gtm_page_view Value: 1
.connect.clickandpledge.com/	1970-01-21 00:36:52	Name: __stripe_mid Value: 610efd7b-5199-4a1d-b613-9ea1427e007236255d
.connect.clickandpledge.com/	1970-01-20 15:51:18	Name: __stripe_sid Value: 093e2cde-dfca-41e3-ba36-dc441eccf7e8c5763b

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7574ND(Line 655) Message: Mixed Content: The page at 'https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM' was loaded over HTTPS, but requested an insecure script 'http://10154637.collect.igodigital.com/collect.js'. This request has been blocked; the content must be served over HTTPS.
javascript	error	URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM Message: Access to font at 'https://www.ceres.org/themes/ceres/assets/fonts/Tofino-regular/Tofino-regular.ttf' from origin 'https://connect.clickandpledge.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-regular/Tofino-regular.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM Message: Access to font at 'https://www.ceres.org/themes/ceres/assets/fonts/Tofino-book/Tofino-book.ttf' from origin 'https://connect.clickandpledge.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-book/Tofino-book.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM Message: Access to font at 'https://www.ceres.org/themes/ceres/assets/fonts/Tofino-bold/Tofino-bold.ttf' from origin 'https://connect.clickandpledge.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-bold/Tofino-bold.ttf Message: Failed to load resource: net::ERR_FAILED
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://connect.clickandpledge.com/w/img/check.gif?id= Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript	error	URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM Message: Access to font at 'https://www.ceres.org/themes/ceres/assets/fonts/Tofino-regular/Tofino-regular.otf' from origin 'https://connect.clickandpledge.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-regular/Tofino-regular.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM Message: Access to font at 'https://www.ceres.org/themes/ceres/assets/fonts/Tofino-bold/Tofino-bold.otf' from origin 'https://connect.clickandpledge.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-bold/Tofino-bold.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM Message: Access to font at 'https://www.ceres.org/themes/ceres/assets/fonts/Tofino-book/Tofino-book.otf' from origin 'https://connect.clickandpledge.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-book/Tofino-book.otf Message: Failed to load resource: net::ERR_FAILED
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
javascript	error	URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM Message: Access to font at 'https://www.ceres.org/themes/ceres/assets/fonts/Tofino-book/Tofino-book.woff' from origin 'https://connect.clickandpledge.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-book/Tofino-book.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM Message: Access to font at 'https://www.ceres.org/themes/ceres/assets/fonts/Tofino-regular/Tofino-regular.woff' from origin 'https://connect.clickandpledge.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-regular/Tofino-regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://connect.clickandpledge.com/w/Form/4f32b630-f556-487b-97e7-0c1a8f726287?utm_source=eofy_e5&utm_medium=email&utm_campaign=dev_eofy_appeal_ecomm&utm_term=marketingcloud&trk=O_E_2310_A_05_ECOMM Message: Access to font at 'https://www.ceres.org/themes/ceres/assets/fonts/Tofino-bold/Tofino-bold.woff' from origin 'https://connect.clickandpledge.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ceres.org/themes/ceres/assets/fonts/Tofino-bold/Tofino-bold.woff Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10154637.collect.igodigital.com
75fc01f3120645c39e3c70274c82795f.js.ubembed.com
alb.reddit.com
analytics.twitter.com
assets.ubembed.com
aws.cause.clickandpledge.com
bat.bing.com
cdn.jsdelivr.net
cdn.polyfill.io
cdn.taboola.com
cdnjs.cloudflare.com
click.email.ceres.org
cm.teads.tv
connect.clickandpledge.com
connect.facebook.net
doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
p.teads.tv
pay.google.com
pixel.quantserve.com
play.google.com
px.ads.linkedin.com
px.owneriq.net
px4.ads.linkedin.com
q.stripe.com
r.stripe.com
region1.analytics.google.com
resources.connect.clickandpledge.com
rules.quantcount.com
s3.amazonaws.com
script.hotjar.com
secure.quantserve.com
snap.licdn.com
ssl.kaptcha.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
t.paypal.com
t.teads.tv
trc-events.taboola.com
trc.taboola.com
vc.hotjar.io
www.ceres.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.paypal.com
www.paypalobjects.com
www.redditstatic.com
10154637.collect.igodigital.com
q.stripe.com
www.ceres.org
104.244.42.131
104.244.42.69
13.107.42.14
13.32.27.107
141.226.228.48
146.75.116.157
151.101.128.176
151.101.129.140
151.101.193.44
151.101.65.21
151.101.65.35
18.66.112.15
18.66.97.49
192.229.221.25
198.137.150.141
2.18.161.51
2001:4860:4802:34::36
23.199.216.148
23.32.185.35
23.96.109.67
2600:9000:2156:6c00:15:a715:1180:93a1
2600:9000:223c:6800:6:44e3:f8c0:93a1
2600:9000:2250:2200:10:82c9:6840:93a1
2600:9000:2250:d000:1a:e4d5:7700:93a1
2606:4700:4400::6812:27b5
2606:4700::6810:5514
2606:4700::6811:180e
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4005:800::2003
2a00:1450:400c:c04::9d
2a00:1450:4013:c06::5c
2a02:26f0:3500:16::215:148d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::282
2a04:4e42::396
35.81.31.24
44.241.50.239
54.187.159.182
54.231.169.32
66.231.91.47
99.86.114.2
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6
0d7be3025e4978c17296cfd982938b896df143d9d9ca30c4f26ea71015ef2040
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
16a060e150e8e80a71359a39972ffe7ef47d37c98da0abebe83a503dcdccbdb1
17187348a997ef2a48d285c58d81cd4474df4f92ab278a6bb7cbd163caded710
18fedea2490ca736c8b824fea778c8d6a9af539e6791b59ec389fd1b511f9bd1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d814bee6f3a92a5fb6cf5089a8ad5d49790794b4cdefdc1c6e61bd2d97dff3f
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
25d03839cb7fe57c7f74b88fa910fad5aa7c5b5de22457d12d012600cd375446
288ab98b390a06f3c1be6ea85b95673fa3dec961e4b465c28efb3ec0a87d5bf7
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
30975b0b631b9f6f88072ddf89478e63d755bff1d6cc5d6d799790067438c578
30b51d648d2b31b1edfb6335bc1bf143397932184fc624851dac2f0eab8dfaeb
31df49e25d88579264396cd28761b3d59ad51e376fab860b0836430e6c3d97f8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
331d24a00a946028929a1df7630b39067f29a853046938c16ab88e3c8992ec9a
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
366bd09e1cb208e52d7ac815a01bb91043368f6dab44dc5268a801dc791ab1a2
36ace6e4c38fc4c8a5904f8acd8359f20b14394d5f6177bde16607d10e0c1f7e
374243656715702cf74062718db2bc3a8c7be3622a431495263ec7a3897f436e
3760fbbef56a962e0f22e6e14a5830dfe93375438d064b2c8adf618c5bea2786
3a840bd31d43c6edaffa7e1e641c3b497d60a3836a97cf4604d753bc0fe53e53
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4a1e5da2d96b684a4cf0480ce9e9ccfb54fac54b4871c86b40719ab0c3ef0129
4b3a20f199918b9d6a56529929b58cbaa55db53b6cf376d7c96740516d410855
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
4fd0fb43fd39e33c77fc288e5205465f4f346eef58372124a8dab2107a4a8827
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
512f9089a3cf94860f865fa34d84792a1b40c277abd845996b562afc8dab29a3
51f361716f7032e7456f1032326fdc3881a9462a0e8539ee3b02ad3f8316e0c5
548c4fbd1a3f2512a7047fb241ce2f17f4d98634e2b27a1b5f5dac52be8ad877
54c840891d9c7f00a37a56da489a41e23c6a9dcd5f21e981a87ac5530068eac8
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
576cc04efa532a5efe8c9635b94384eaf648b1153b086d29a225575f93e2610a
5824697179095a2a24b84536b73ffa30b624c149d1b7c37149db5007e1f2c345
593551bd7d6e1c50e232bc51583f449ad156a62a423b316756a36d1a566c6606
5a6958cfaa81edb55b12d448db9b5eb4c1f009d8a31c9d9b81e44e7e0519610d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ad61e6094e5bdc2688ddf01cf03dcd97dc1a7ff7e26bda92c99d7d6e3184c3e
60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d
617d0fd7f02c69b9d93c92125c2d92be1b1e7e4ecfd867addb9ebbf77d50dd90
647f24577f86180e49d8dd74e70fc11956ee591ca77e03afb5abc359a14e2f4d
6771758e998b4859d0684474fa5a59fad372facc35360dddce6ac6f119adf450
6d633e63df4b42f21aea037b3a1eb0f790b00da65119cfa92afbedc56772077d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f
72bdb7a0a1ba8e3caa903a3b33ed493c29b87042f2c11c231f932afa7c1c75aa
74767d740310d5f7dcd8c80959b61eff71119da11ffb45b1e185ef471f273eb1
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7d8f800beeee2cf67c54f38d5c2af7e2b836bc42df797f00243c61f73c40bb2a
7f0b21fee5fd59d04527449a052ae42519985dfdf6d456ddb2785d806aed7b29
804b13b5357088583d46a0f1d21d67a55ee5717953267d4fee9b2dcccf43b128
80c9827e15777b93d54c692ec57e8d59cf6080df4a4c76a014a60aa0812bbbc0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850ab8793e9fa7544f41a74aa089f2a51f1966a8e737cbd851c1b61896b7371a
85483e1cac61eec394690fed1bfe34107d8012e5cfa5f350960e255ad5ad6638
85e6d828dece4726ffd58be2dc35290dd522540ed5d7feb8d70d64c3aee13058
86b9da6f93cb2aea390ed4ac218c0e0fe8fe14539df92646d9cf4a9ba060918d
896720e3d00918f1591f42c1d808fdf1eb0d0db93d1fb87667fd70133e96acef
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a035eb903f293d779f4f3e1655ff15c55602fa6cc9ac43cc406449bb6603800
8be74e0f54558291e54d87610df2b2b927cc4b7405e5b7ce206e54d895665a20
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
90e84936ddb9e64e67cd10a3e6d147dc5ba32d1313b59c64c60de5dde2e50341
941bdbdcec8fbe92042127e7ad1b6ac8ffed0ef4a4f3ace309251967030baa0a
945362fcd92351e9a01c0eab8d8297fcf5b7ec9d6d145901dc14b0fe2cb668c2
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
951e0c96cea840af2b055a50b4434ef2dcf888eebc5f0380981c46a67059baff
9581c6607bada7492388b917a6f8339a06c076746fe7b2f7f4b3f9bccc8142a9
98664c05508facd441cca7281149fd48a73d9deb2379ae7044040769fe37f8be
992447c4f986619445b240b94287101562b1dacf9d7f1c4b1312f9f00e71f5aa
9aeb00336a8b2698bf48bb36828a7137b65a95035b160d4fec959057966ddd3f
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9f7834c19a80aa23f89465c34a1bbb5bb58a9742368b3a72bb37f1c49d607c93
9fe03963e20b711c4b3a1ff6b9a0bd2a4a26bb91cb5afd6e7948ac18cb5101ce
a031a49de0583c96d16a49262ab654bc1bb980b5c8fa7f861b15b480d2824832
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a21175a8c20c468bd729dc4d9a2f55144ff80ff1940ceb5f62c70772575f0dcf
a622076895d3d3b7409ad799f9410ccc12d3e0feebe0a05da42d9cbe9bdaf98e
a66905672d7e0eea64699d27f6cfa162de87e4e36f14fdbb255b84a280c104ac
aa36dc4164bef3a7b5007ecad5fed164b0c85feb478890782c6cb59bc56d6afa
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad219051333f02ffcdd1347cfd75101df90a5f537498471fba882621ef89fe94
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b34cb37307a818e873e4fefe113d912b7345165a988a6d6d9874c6cedf011c10
b36f75ebec30f5ffe6efb4aef76ba89f16296ba437de7b0411932bfa9e467b58
b382440aa8839854e794ddc21debfc768f17320bfcac7b13d145628550e2932c
b596e05a015a12889c01ce217e1548d49ded909cae9f0a5b90a4c7273c223f49
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
bd3305cbe248a3e41e6515b13252574e43ca28e21b1a768cae80e883199763c0
c649f0f7199356e62f0e8ffdfd6904b6b429d20ecfd291a2a3943c71b1d8f20b
c7660c5be4a423d96404315767fc0ba7ad97ec619ba4754397db885927496e5e
c84e1ed197438fffecc2c6fbe3e7e4fd8f060af2236f3a50e2e16c891c82cf16
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cbc662e7bf1e9a540da6d3afeacd89c3273fc1d28682b5651700e9ecb5fee0db
ccabadeda98e3785681e98834726e2ad11a2db892882c1279e1bce8456a341e9
cd91423610d703f6d18523ebe2ff147d7a5028a958e8e8f0048633c2707b2a5b
ce3b65ed6b803306f411d7f27abf4750ed0199dab8ebd832aed3185310846efb
cf1d911a1b4fbb42246b59e3cbe5bf6fbefa3cc285065d02db8fa4a0c6e566f7
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0ebf5edc4d90092b0a2b7bdbe9ac4e20fec0b791b37bc5cc902f6084de77f7a
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
da88b5aaa98c29a87e083a9edc66b83263a994d39634d80696eaf0532485c142
dc0f67393a95d3fbeb9fdda54dad46a14a78dbae2b6b425e5c69d5a74c873d25
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6
e291e22c061178bfae4f5c46bbdbbc01f83d8e4695d2faddbbf0ddd1ac7d024f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59cf093730c741f7da8424d36687165c682c3fc31df3ff87205fa9917eea7b3
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
ec85a5d9c45f5f156bf227e3918f73544273818caca518665ce78da5053e9589
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff6a686d4adddbb583298dda457c5104111872ba9102a09f9d401fc6bcd6101
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f19c0a1483810e10f60f6db0a7cfbe846db99f93be0bc51af190ff2208bfb4d3
f3e27ab937fd4d5dda9b7c497db93b06f224bcb46c082ceced920377d9464712
f765b01b8f755175962ee1c368f6e476dfa67c7c370e9f764c83fb1ca3732922
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f938dc52d6634f867742077015b583587413844543dc58e594110d89fc628fe9
f99fb616209cf216633bb421b8150f37baec57b7b7e0ab2d8c69e5fa2ffc511a
fbe7b28244c92588fbfd6ca8e7bf51402fe07697ae4bedfdd23f1b99e530fd5d
fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

connect.clickandpledge.com Open in urlscan Pro 2600:9000:2156:6c00:15:a715:1180:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

236 Requests

93 %HTTPS

51 %IPv6

38 Domains

59 Subdomains

51 IPs

5 Countries

3780 kBTransfer

12037 kBSize

42 Cookies

2 Outgoing links

Page URL History

Redirected requests

236 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

connect.clickandpledge.com Open in urlscan Pro
2600:9000:2156:6c00:15:a715:1180:93a1 Public Scan

Screenshot
Live screenshot

Full Image

236
Requests

93 %
HTTPS

51 %
IPv6

38
Domains

59
Subdomains

51
IPs

5
Countries

3780 kB
Transfer

12037 kB
Size

42
Cookies

236 HTTP transactions
7 data transactions