donate.wfp.org Open in urlscan Pro
34.117.85.67  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://donate.wfp.org/ HTTP 307
   https://donate.wfp.org/1243/donation/regular/?campaign=1517& Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

• https://5499309.fls.doubleclick.net/activityi;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 HTTP 302
• https://5499309.fls.doubleclick.net/activityi;dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26

Request Chain 47

• https://10390555.fls.doubleclick.net/activityi;src=10390555;type=rem0;cat=allp;ord=6386469586138;auiddc=477449509.1700936260;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 HTTP 302
• https://10390555.fls.doubleclick.net/activityi;dc_pre=CPau96zh34IDFZXJOwIdhW8LIA;src=10390555;type=rem0;cat=allp;ord=6386469586138;auiddc=477449509.1700936260;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26

Request Chain 50

• https://adservice.google.de/ddm/fls/i/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 HTTP 302
• https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26

Request Chain 155

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481751819/?random=1619105394&cv=9&fst=1700936261694&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPau96zh34IDFZXJOwIdhW8LIA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D6386469586138%3Bauiddc%3D477449509.1700936260%3Bgtm%3D45fe3b81%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%2526%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&ocp_id=RTpiZY7WK-vA9u8Pk4uNoAo&sscte=1&crd=&pscrd=IhMIzoypreHfggMVa6D9Bx2TRQOk HTTP 302
• https://www.google.com/pagead/1p-conversion/481751819/?random=1619105394&cv=9&fst=1700936261694&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPau96zh34IDFZXJOwIdhW8LIA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D6386469586138%3Bauiddc%3D477449509.1700936260%3Bgtm%3D45fe3b81%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%2526%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIzoypreHfggMVa6D9Bx2TRQOk&is_vtc=1&ocp_id=RTpiZY7WK-vA9u8Pk4uNoAo&cid=CAQSKQDICaaNzJteZLktHKP3KQg_5UTgGb_yB8hJYe_COx22yodG2peDpfJr&random=375539760&resp=GooglemKTybQhCsO HTTP 302
• https://www.google.de/pagead/1p-conversion/481751819/?random=1619105394&cv=9&fst=1700936261694&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPau96zh34IDFZXJOwIdhW8LIA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D6386469586138%3Bauiddc%3D477449509.1700936260%3Bgtm%3D45fe3b81%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%2526%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIzoypreHfggMVa6D9Bx2TRQOk&is_vtc=1&ocp_id=RTpiZY7WK-vA9u8Pk4uNoAo&cid=CAQSKQDICaaNzJteZLktHKP3KQg_5UTgGb_yB8hJYe_COx22yodG2peDpfJr&random=375539760&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hBKEBi1igRimJ7QvC2q64yFdOSVwEAhA3YOxqFR24HTwPxEymbA-QwTjmFh2aX77F0baN7KWwE7uh3r3QTPNtp3

Request Chain 157

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529016365454&referrer=https%3A%2F%2Fadservice.google.com%2F&forward= HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=d22154c6-2948-4223-a659-dd83c19d0952%3A1700936262.1505668&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd22154c6-2948-4223-a659-dd83c19d0952%253A1700936262.1505668%26_%3D1700936262.1520758&cb=1700936262.1521041 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529016365454&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd22154c6-2948-4223-a659-dd83c19d0952%253A1700936262.1505668%26_%3D1700936262.1520758 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=d22154c6-2948-4223-a659-dd83c19d0952%3A1700936262.1505668&_=1700936262.1520758

Request Chain 158

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyOTAxNjM2NTQ1NA==&forward= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESECCK2xIm-c99o7rrHr4fybc&google_cver=1 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529016365454&referrer={encSite}&forward= HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=d22154c6-2948-4223-a659-dd83c19d0952%3A1700936262.1505668&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd22154c6-2948-4223-a659-dd83c19d0952%253A1700936262.1505668%26_%3D1700936262.314138&cb=1700936262.3142002 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529016365454&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd22154c6-2948-4223-a659-dd83c19d0952%253A1700936262.1505668%26_%3D1700936262.314138 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=d22154c6-2948-4223-a659-dd83c19d0952%3A1700936262.1505668&_=1700936262.314138

Request Chain 159

• https://ib.adnxs.com/setuid?entity=18&code=5133329529016365454 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329529016365454

Request Chain 160

• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329529016365454&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329529016365454&redir=

Request Chain 163

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5133329529016365454&bid=omt9pi0

Request Chain 166

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329529016365454&forward= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329529016365454&forward=&C=1

Request Chain 173

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZWI6RgACSdkYFQAM HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=ZWI6RgACSdkYFQAM&_test=ZWI6RgACSdkYFQAM

317 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response donate.wfp.org/1243/donation/regular/ Redirect Chain http://donate.wfp.org/ https://donate.wfp.org/1243/donation/regular/?campaign=1517&	2 MB 157 KB	963ms 932ms	Document text/html	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Express Resource Hash 6663cc064bf67bc9325bb0aa9050b526e75bdb3fab0160b9de66212b4fc419ea Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges none access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control max-age=5,stale-when-revalidate=5 content-encoding gzip content-type text/html; charset=utf-8 date Sat, 25 Nov 2023 18:17:39 GMT etag "202594-iAU9jbSwF/WY9ySaZ/S93TZZwXQ" server Google Frontend vary User-Agent, Accept-Encoding via 1.1 google x-powered-by Express Redirect headers Cache-Control private Content-Length 0 Content-Type text/html; charset=UTF-8 Date Sat, 25 Nov 2023 18:17:38 GMT Location https://donate.wfp.org:443/1243/donation/regular/?campaign=1517&
GET H2	200	optimize.js Show response www.googleoptimize.com/	128 KB 50 KB	178ms 62ms	Script application/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleoptimize.com/optimize.js?id=OPT-P2GL7X7 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3e3dd746449104e7a52a2002771b15138ba3da5807fe2a03fab428a2ff96b7c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://donate.wfp.org/ Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50397 x-xss-protection 0 last-modified Sat, 25 Nov 2023 18:00:00 GMT server Google Tag Manager vary Origin, Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin https://donate.wfp.org cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 25 Nov 2023 18:17:39 GMT
GET H2	200	b2a457a.modern.js Show response donate.wfp.org/_wfp/	3 KB 1 KB	48ms 46ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/b2a457a.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash ddeead0bf45de6827976be6b4cc01037068e8e45c1f35cad1b2f491a44454efe Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 14:42:25 GMT content-encoding gzip via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 790514 etag W/"a24-18b643a5f48" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1318
GET H2	200	13bb4f0.modern.js Show response donate.wfp.org/_wfp/	232 KB 66 KB	44ms 43ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/13bb4f0.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash f3cb3c087377fcd1ff6696de65730b49d301d4f18c962818b4e353f4f304295b Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 20:54:04 GMT content-encoding br via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 854615 etag W/"10954-18b643a5f48" vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context a06ac842bca38693b5674ef94d25bfbb cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 67924
GET H2	200	78441d1.css donate.wfp.org/_wfp/css/	25 KB 2 KB	28ms 27ms	Stylesheet text/css	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/css/78441d1.css Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 8a8d4136dabd1cf4aa79d26dfc7ff9a04b8c381eca79f2898529dff1fad43c1c Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 13 Nov 2023 04:00:50 GMT content-encoding br via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 1088209 etag W/"8bd-18b643a5f48" vary Accept-Encoding content-type text/css; charset=UTF-8 x-cloud-trace-context d7634c705ca5a4eba91dc0d7aef4ba4c cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2237
GET H2	200	c56b242.modern.js Show response donate.wfp.org/_wfp/	161 KB 29 KB	38ms 37ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/c56b242.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 963c3fa180130d94bbbe4cf496ea3a0e0526d5769346213dfaadf3ef8e15c3d1 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 21:10:32 GMT content-encoding br via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 680827 etag W/"729e-18b643a5f48" vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context d5a46e0d32cc718bc367114c5ecf98a4 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29342
GET H2	200	e5c9029.css donate.wfp.org/_wfp/css/	335 KB 42 KB	23ms 22ms	Stylesheet text/css	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/css/e5c9029.css Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 85e0445d24cfa83afcc9f008f279842a3f908626f8526de2dfff8830a82d7968 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 12 Nov 2023 06:29:50 GMT content-encoding br via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 1165669 etag W/"a804-18b643a5f48" vary Accept-Encoding content-type text/css; charset=UTF-8 x-cloud-trace-context f33e2594ddc8b46d064a17703f3c19a5 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43012
GET H2	200	4c3d56f.modern.js Show response donate.wfp.org/_wfp/	542 KB 125 KB	30ms 29ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/4c3d56f.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash c6c4e845e4dc9ba0b301440636d207d11b148ade47f88fbe016aac1fc701d7a7 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 18:51:18 GMT content-encoding br via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 861981 etag W/"1f24c-18b643a5f48" vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context 70720a64058baab8a7700b323074593a cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 127564
GET H2	200	gtm.js Show response www.googletagmanager.com/	368 KB 108 KB	197ms 88ms	Script application/javascript	2a00:1450:4001:81c::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 31f47c2f8c07444eb8756837bbe5ae226c10b3bd32b1a0ae94c9513ff61e592a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://donate.wfp.org/ Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 109855 x-xss-protection 0 last-modified Sat, 25 Nov 2023 18:00:00 GMT server Google Tag Manager vary Origin, Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin https://donate.wfp.org cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 25 Nov 2023 18:17:39 GMT
GET H3	200	Open_Sans-400-latin48.a09c41f.woff2 donate.wfp.org/_wfp/fonts/	44 KB 44 KB	15ms 15ms	Font font/woff2	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/fonts/Open_Sans-400-latin48.a09c41f.woff2 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/css/78441d1.css Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0 Request headers Referer https://donate.wfp.org/_wfp/css/78441d1.css Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 21:13:21 GMT via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 680658 etag W/"af00-18b643a5f48" content-type font/woff2 x-cloud-trace-context ac0d3819de0de23d199aa9fa5a14d6f7 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44800
GET H3	200	js Show response www.googletagmanager.com/gtag/	279 KB 92 KB	205ms 96ms	Script application/javascript	2a00:1450:4001:81c::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a57861b23b27ed72ecbb9d5ccc914f451ec90306da33105118c0f8555ca8a36f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 94255 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 25 Nov 2023 18:17:39 GMT
GET H2	200	activityi;dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl... Show response 5499309.fls.doubleclick.net/ Frame 3B82 Redirect Chain https://5499309.fls.doubleclick.net/activityi;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uaf... https://5499309.fls.doubleclick.net/activityi;dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;...	627 B 532 B	73ms 73ms	Document text/html	142.250.186.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5499309.fls.doubleclick.net/activityi;dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f6.1e100.net Software cafe / Resource Hash 6ce7e82dcaef31a63f2847e70605e72e9b045c6d3c5df8e880b24a11f9454370 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 356 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 25 Nov 2023 18:17:40 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 25 Nov 2023 18:17:40 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://5499309.fls.doubleclick.net/activityi;dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	176ms 56ms	Script text/javascript	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 25 Nov 2023 17:49:38 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 1682 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 25 Nov 2023 19:49:38 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	61ms 33ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Sat, 25 Nov 2023 18:17:39 GMT last-modified Fri, 10 Nov 2023 20:09:55 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 6229EC0D230746099204A0E87810E075 Ref B: FRAEDGE1518 Ref C: 2023-11-25T18:17:39Z etag "80abcdf1114da1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13175
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	29ms 8ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 25 Nov 2023 18:17:39 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug F/IPJm39rYmdLzn+Ud6mTc6vDApVSgCNXvLb417ZYXXSqhwT0g7USBXKg3Y4f+QFEdYmvr2maZWS6eSiJWOc8Q== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	201 KB 73 KB	165ms 68ms	Script application/javascript	2a00:1450:4001:81c::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-597680250 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c9773effb5a80449b2104342cfac2b822ba71904d27749ed3ef8c7577e599c95 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74268 x-xss-protection 0 last-modified Sat, 25 Nov 2023 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 25 Nov 2023 18:17:39 GMT
GET H2	200	adalyser.js Show response c5.adalyser.com/	30 KB 10 KB	155ms 32ms	Script application/javascript	52.211.13.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c5.adalyser.com/adalyser.js?cid=wfp Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.211.13.25 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-13-25.eu-west-1.compute.amazonaws.com Software / Express Resource Hash e51fc1d194ae40ce2db4ba6abce427ad95cc98d505a4e7346c0c6f6eae33b1c9 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:39 GMT content-encoding gzip x-powered-by Express etag "c45b12ad070ae9f57c6c09ebf86fe40d82a75110" p3p CP="ADMa OUR IND DSP NON COR" access-control-allow-origin * content-type application/javascript cache-control public, max-age=21600 access-control-allow-credentials true access-control-allow-headers origin, content-type, accept content-length 10207
GET H/1.1	200 OK	wcslog.js Show response wcs.naver.net/	20 KB 7 KB	200ms 9ms	Script application/javascript	23.56.200.15 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://wcs.naver.net/wcslog.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.56.200.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-200-15.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 9dacfcf9410f6668fb5d537146dc3f6016ef8a93e42c02afc2359fa3cc384c85 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 25 Nov 2023 18:17:40 GMT Content-Encoding gzip Last-Modified Thu, 02 Mar 2023 06:30:22 GMT Server nginx ETag "6400427e-4e4d" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=1933 Connection keep-alive Accept-Ranges bytes Content-Length 6784 Expires Sat, 25 Nov 2023 18:49:53 GMT
GET H2	200	1877519415676647 Show response connect.facebook.net/signals/config/	133 KB 35 KB	12ms 12ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1877519415676647?v=2.9.138&r=stable&domain=donate.wfp.org Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ab426523959a82bdb6eeca4714108b895b0ec9b11483552e537c20a0b4fa269a Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 25 Nov 2023 18:17:39 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 35393 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug FvmYP5mQ/jK+FJpXijU2fcAKjUYIRowTOlRCZ1IENxBVn490cGFmnv5S+dx9tDwwAny93sfP3NaWICmBgjYhBQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	204	22021902.js Show response bat.bing.com/p/action/	0 116 B	29ms 29ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/22021902.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Sat, 25 Nov 2023 18:17:39 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 7018977216544143A6BA7BCFA960ABD8 Ref B: FRAEDGE1518 Ref C: 2023-11-25T18:17:39Z x-cache CONFIG_NOCACHE
GET H2	200	/ www.facebook.com/tr/	0 185 B	23ms 7ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1877519415676647&ev=PageView&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&rl=&if=false&ts=1700936259938&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1700936259937.1671188741&ler=empty&it=1700936259911&coo=false&rqm=GET Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 25 Nov 2023 18:17:39 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	p c5.adalyser.com/tracking/track/v3/	43 B 341 B	32ms 32ms	Image image/gif	52.211.13.25 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c5.adalyser.com/tracking/track/v3/p?stm=1700936260044&e=lce1&url=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&cid=wfp&p=%7B%22et%22%3A1700936260043%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Direct%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22direct%22%2C%22me%22%3A%22none%22%2C%22ca%22%3A%22direct%22%2C%22co%22%3A%22(not%20set)%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A%221%22%2C%22sid%22%3A%229eb16c94-94f7-49c1-a426-c406a3375b80%22%2C%22duid%22%3A%220ce61dee-d414-4ba0-a9e4-a8fbca2042b8%22%2C%22cw%22%3A1700936260043%2C%22lp%22%3A%22https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26%22%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&domain=donate.wfp.org Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.211.13.25 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-13-25.eu-west-1.compute.amazonaws.com Software / Express Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:40 GMT x-powered-by Express etag W/"2b-B//0C13UlayirE4cP7xgqg" p3p CP="ADMa OUR IND DSP NON COR" access-control-allow-origin * content-type image/gif cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers origin, content-type, accept content-length 43 expires 0
POST H2	200	collect Show response www.google-analytics.com/j/	16 B 221 B	63ms 63ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1423125560&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&ul=en-us&de=UTF-8&dt=UN%20World%20Food%20Programme%20(WFP)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=985866055&gjid=1140366427&cid=19549956.1700936260&tid=UA-127155074-1&_gid=1232132989.1700936260&_r=1&_slc=1&gtm=45He3b81n71KN3K8Dv6630861&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=2024193855 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 523ccc05bf563e4086b1e1ffbf44fa63b0777f85d40b0119e8739a3aaeec900b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 70 B	62ms 62ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1423125560&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&ul=en-us&de=UTF-8&dt=UN%20World%20Food%20Programme%20(WFP)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAACAAI~&jid=1064331913&gjid=1874024319&cid=19549956.1700936260&tid=UA-2556524-1&_gid=1232132989.1700936260&_slc=1&gtm=45He3b81n71KN3K8Dv6630861&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=762225992 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 348 B	450ms 52ms	XHR text/plain	2a00:1450:400c:c09::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2556524-1&cid=19549956.1700936260&jid=1064331913&gjid=1874024319&_gid=1232132989.1700936260&_u=YGDAiEABBAAAAGAAI~&z=1529027351 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 25 Nov 2023 18:17:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 83 B	63ms 62ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1423125560&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&ul=en-us&de=UTF-8&dt=UN%20World%20Food%20Programme%20(WFP)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAGAAI~&jid=1855293622&gjid=1524382645&cid=19549956.1700936260&tid=UA-2556524-57&_gid=1232132989.1700936260&_r=1&_slc=1&gtm=45He3b81n71KN3K8Dv6630861&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=376499871 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 9ee1bc4923dc7344b0c712352a782fcadcd1bbeda8b3a7059f60944a7e1305b0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 69 B	389ms 54ms	XHR text/plain	2a00:1450:400c:c09::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-127155074-1&cid=19549956.1700936260&jid=985866055&gjid=1140366427&_gid=1232132989.1700936260&_u=YEBAAEAAAAAAACAAI~&z=357190105 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 25 Nov 2023 18:17:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	227 KB 81 KB	68ms 68ms	Script application/javascript	2a00:1450:4001:81c::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-7B8MHJ3Q6W&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6ce4065133ebab0794e392cf647fc7d58e1e1a57b47a9b130693fe1c9b073326 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 82835 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 25 Nov 2023 18:17:40 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	227 KB 81 KB	75ms 75ms	Script application/javascript	2a00:1450:4001:81c::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-C9S5DE8LYK&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0409105527df42e20be7d63eb2e3157e9799483a708e518d4b097db530753fc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 82733 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 25 Nov 2023 18:17:40 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/597680250/	3 KB 2 KB	359ms 65ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/597680250/?random=1700936260149&cv=11&fst=1700936260149&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9171398942&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&hn=www.googleadservices.com&frm=0&tiba=UN%20World%20Food%20Programme%20(WFP)&auid=477449509.1700936260&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-597680250 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6f5000867a7e53eb21fe47e30970ac0a486e219d67a9ece1b175a0b660046d61 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:40 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1319 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	b wcs.naver.com/	0 630 B	1206ms 258ms	Ping text/plain	210.89.167.46 NHN-AS-KR NAVER C...
General Check archive.org Show headers Download Go to Full URL https://wcs.naver.com/b Requested by Host: wcs.naver.net URL: https://wcs.naver.net/wcslog.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 210.89.167.46 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR), Reverse DNS Software wcs / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:41 GMT x-content-type-options nosniff server wcs accept-ch Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version p3p CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC" access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true expires Tue, 01 Jan 1980 09:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 253 B	292ms 36ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-TL7TXTVCYL&gtm=45je3b81v9100514608z86630861&_p=1700936259488&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=19549956.1700936260&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700936260&sct=1&seg=0&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&dt=UN%20World%20Food%20Programme%20(WFP)&en=page_view&_fv=1&_ss=1&_c=1&tfd=1853 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:40 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 47 B	309ms 53ms	Ping text/plain	2a00:1450:400c:c09::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TL7TXTVCYL&cid=19549956.1700936260&gtm=45je3b81v9100514608z86630861&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:40 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	347ms 93ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TL7TXTVCYL&cid=19549956.1700936260&gtm=45je3b81v9100514608z86630861&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=175492683 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:40 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	200ms 91ms	Image image/gif	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=19549956.1700936260&jid=1064331913&_u=YGDAiEABBAAAAGAAI~&z=1860777140 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:40 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	96ms 95ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=19549956.1700936260&jid=1064331913&_u=YGDAiEABBAAAAGAAI~&z=1860777140 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:40 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	0 bat.bing.com/action/	0 284 B	32ms 32ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=22021902&tm=gtm002&Ver=2&mid=23a03dae-4345-4b74-a375-0c0aefce52c5&sid=eb8008808bbe11eeb5ec451dcbec775c&vid=eb800a908bbe11ee9500174ddebdc46b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=UN%20World%20Food%20Programme%20(WFP)&p=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&r=&lt=2270&evt=pageLoad&sv=1&rn=797844 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sat, 25 Nov 2023 18:17:39 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 960D28901A1049289C9435ECB0435BE2 Ref B: FRAEDGE1518 Ref C: 2023-11-25T18:17:40Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;u... Show response adservice.google.com/ddm/fls/i/ Frame DBC5	626 B 732 B	243ms 96ms	Document text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/ddm/fls/i/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/activityi;dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b757cc702770a4cf133eedf86dca2775f945eae5a9c9b7a1862aa93ec71c0ccb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5499309.fls.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 357 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 25 Nov 2023 18:17:40 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	2dda680.modern.js Show response donate.wfp.org/_wfp/	25 KB 6 KB	17ms 17ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/2dda680.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/b2a457a.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 89d23c80cd405eb7c2eac1f1ff719f3db7261870c6bd7532eced55c04d75f3c8 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 20:51:26 GMT content-encoding br via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 681974 etag W/"177f-18b643a5f48" vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context 6ceba0f6cd6a22a6230781d973e2002b cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6015
GET H3	200	e87ce1e.modern.js Show response donate.wfp.org/_wfp/	139 B 156 B	18ms 18ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/e87ce1e.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/b2a457a.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 8dc5232f0ce9d4a84d95b6d83cf77c20b788accdaee706e57c5030a36faa19e8 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517& User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 17:40:37 GMT content-encoding gzip via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 866223 etag W/"8b-18b643a5f48" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 135
GET H2	200	/ www.google.com/pagead/1p-user-list/597680250/	42 B 455 B	95ms 64ms	Image image/gif	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/597680250/?random=1700936260149&cv=11&fst=1700935200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9171398942&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&frm=0&tiba=UN%20World%20Food%20Programme%20(WFP)&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNVHmxhfkeI4qnoDrXoUyTaYjXTDO0YYxYzSQfam6xv-j1vDJ8&random=2754698573&rmt_tld=0&ipr=y Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:40 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/597680250/	42 B 154 B	69ms 69ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/597680250/?random=1700936260149&cv=11&fst=1700935200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9171398942&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&frm=0&tiba=UN%20World%20Food%20Programme%20(WFP)&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNVHmxhfkeI4qnoDrXoUyTaYjXTDO0YYxYzSQfam6xv-j1vDJ8&random=2754698573&rmt_tld=1&ipr=y Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:40 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	38ms 38ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-7B8MHJ3Q6W&gtm=45je3b81v9125479407&_p=1700936259488&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=19549956.1700936260&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&dt=UN%20World%20Food%20Programme%20(WFP)&sid=1700936260&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2369 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-7B8MHJ3Q6W&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:40 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	destination Show response www.googletagmanager.com/gtag/	180 KB 66 KB	69ms 69ms	Script application/javascript	2a00:1450:4001:81c::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=DC-10390555&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-C9S5DE8LYK&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash de0eb0af9517ea78e9a6ef8d4cebe55918abbbdb4708b9824df457d284401aab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 67298 x-xss-protection 0 last-modified Sat, 25 Nov 2023 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 25 Nov 2023 18:17:40 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	35ms 35ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-C9S5DE8LYK&gtm=45je3b81v9125080481&_p=1700936259488&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=19549956.1700936260&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&dt=UN%20World%20Food%20Programme%20(WFP)&sid=1700936260&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2385 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-C9S5DE8LYK&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:40 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	v3 Show response js.stripe.com/	556 KB 154 KB	45ms 7ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/2dda680.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 16125b67dd44a6df2eadad443e941af6085d45a67fad4421f2160d92fe605278 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:40 GMT via 1.1 varnish age 4 x-cache HIT content-length 157307 x-request-id 5d6d84b2-85d8-44b2-8b2d-64238ed00e0e x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 22:15:37 GMT server Fastly etag "e28d4375fad3ffbfb5f7bdf0303a2787" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 2
GET H3	200	1243 Show response donate.wfp.org/_content/get/pages/en-gb/	11 KB 2 KB	33ms 33ms	XHR application/json	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_content/get/pages/en-gb/1243 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/13bb4f0.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Express Resource Hash d4e3e3ab2d1430539181a8d2124c78c8cf21a4d8a1cab51cc7cdb44ffc54c33a Request headers Accept application/json, text/plain, */* Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517& accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:40 GMT content-encoding gzip via 1.1 google server Google Frontend age 0 x-powered-by Express etag W/"2c72-L6PNbV74+lE3l0oXHafpzTl83BU" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * x-cloud-trace-context 8653204e165c7356d5a6a61c8caa4a1a cache-control max-age=49 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1564
GET H3	200	translations Show response donate.wfp.org/_content/get/bundle/en-gb/	81 KB 9 KB	46ms 46ms	XHR application/json	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_content/get/bundle/en-gb/translations Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/13bb4f0.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Express Resource Hash f56a44aeab94ec6e9d6f31f92582e25ac79fdf3c787618d709585909fcf65459 Request headers Accept application/json, text/plain, */* Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517& accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:40 GMT content-encoding gzip via 1.1 google server Google Frontend x-powered-by Express etag W/"143f3-Dls9r3YF308skoqw3NwMweFCni0" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=60 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	activityi;dc_pre=CPau96zh34IDFZXJOwIdhW8LIA;src=10390555;type=rem0;cat=allp;ord=6386469586138;auiddc=477449509.1700936260;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;ua... Show response 10390555.fls.doubleclick.net/ Frame C599 Redirect Chain https://10390555.fls.doubleclick.net/activityi;src=10390555;type=rem0;cat=allp;ord=6386469586138;auiddc=477449509.1700936260;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0... https://10390555.fls.doubleclick.net/activityi;dc_pre=CPau96zh34IDFZXJOwIdhW8LIA;src=10390555;type=rem0;cat=allp;ord=6386469586138;auiddc=477449509.1700936260;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sy...	1 KB 585 B	82ms 82ms	Document text/html	142.250.186.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://10390555.fls.doubleclick.net/activityi;dc_pre=CPau96zh34IDFZXJOwIdhW8LIA;src=10390555;type=rem0;cat=allp;ord=6386469586138;auiddc=477449509.1700936260;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=DC-10390555&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f6.1e100.net Software cafe / Resource Hash 9a0247f221739ebcabaca0dd68374829d47f9d68ac7f21346332ad5df6a7e9b2 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 562 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 25 Nov 2023 18:17:40 GMT expires Sat, 25 Nov 2023 18:17:40 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 25 Nov 2023 18:17:40 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://10390555.fls.doubleclick.net/activityi;dc_pre=CPau96zh34IDFZXJOwIdhW8LIA;src=10390555;type=rem0;cat=allp;ord=6386469586138;auiddc=477449509.1700936260;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ www.facebook.com/tr/	0 54 B	8ms 7ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1877519415676647&ev=PageView&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&rl=&if=false&ts=1700936260851&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1700936259937.1671188741&ler=empty&it=1700936259911&coo=false&rqm=GET Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 25 Nov 2023 18:17:40 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	7eb7061.modern.js Show response donate.wfp.org/_wfp/	1 KB 414 B	121ms 120ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/7eb7061.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/b2a457a.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 607f124f180d0722361dbf030fb56190ab6bc2a8695661eb101a0fee1efa55c6 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 17:47:54 GMT content-encoding gzip via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 1786 etag W/"403-18b643a5f48" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 393
GET H3	200	dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;u... Show response 5499309.fls.doubleclick.net/ddm/fls/r/ Frame 2170 Redirect Chain https://adservice.google.de/ddm/fls/i/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=... https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;...	1 KB 512 B	78ms 76ms	Document text/html	142.250.186.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Requested by Host: adservice.google.com URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f6.1e100.net Software cafe / Resource Hash df0bf760cc1d13496b7fd35d6f1d597dfe0f4effb93eebddae26465dde2582f4 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adservice.google.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 489 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 25 Nov 2023 18:17:41 GMT expires Sat, 25 Nov 2023 18:17:41 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 25 Nov 2023 18:17:41 GMT expires Fri, 01 Jan 1990 00:00:00 GMT location https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	960d92a.modern.js Show response donate.wfp.org/_wfp/	15 KB 5 KB	17ms 16ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/960d92a.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/b2a457a.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 3a726662d35cda6fc724a47636793e28aeca63ad7fd7586edd53db4815def981 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 13 Nov 2023 03:57:17 GMT content-encoding br via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 1088424 etag W/"146e-18b643a5f48" vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context 1a53c0feec536c7a587a2215f789d4f6 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5230
GET H3	200	46073b0.modern.js Show response donate.wfp.org/_wfp/	411 KB 88 KB	17ms 17ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/46073b0.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/b2a457a.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash ac8aa96e1da838f3af3d354dce527e833927ec4f40dfaed294b22b72eb41821b Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 18:00:40 GMT content-encoding br via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 87421 etag W/"1613a-18b643a5f48" vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context 156807cc4c5bddeb0f2efde7e7cfea92 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 90426
GET H3	200	241bc23.modern.js Show response donate.wfp.org/_wfp/	18 KB 4 KB	23ms 23ms	Script application/javascript	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/241bc23.modern.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/b2a457a.modern.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash fb8a5407a4d6d3f2f75b3accb0e27248a053efeb437dcffce147fe941d2a3071 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 11 Nov 2023 02:41:48 GMT content-encoding br via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 1265753 etag W/"115e-18b643a5f48" vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cloud-trace-context 159a5bc134c1c72e4e39f1e86e6dfd47 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4446
GET H2	200	api.js Show response www.recaptcha.net/recaptcha/	1 KB 1 KB	197ms 66ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api.js?render=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/4c3d56f.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 791b9904a882169e59820d8ea32d474800fb677d4926646b0aa798c51a94bbd3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Sat, 25 Nov 2023 18:17:41 GMT
GET H2	200	hotjar-2048364.js Show response static.hotjar.com/c/	14 KB 5 KB	98ms 50ms	Script application/javascript	52.222.139.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2048364.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-53.ams50.r.cloudfront.net Software / Resource Hash bfb64e68c807ecb27307cfdfd19d9050990eb3b8054e8b453babf1714fa28294 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 fb6c3dd3817d7e9cad9e87d716e2024c.cloudfront.net (CloudFront) x-amz-cf-pop AMS50-C1 etag W/89eaef4a2baf97b43aa9985fe46f2423 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id P37iyH7RGTCPS2TYxQHd4LTqj6c54Ma5CHRe1RfNRQw46gTFFztRUg==
GET H3	200	Open_Sans-700-latin72.a09c41f.woff2 donate.wfp.org/_wfp/fonts/	44 KB 44 KB	23ms 23ms	Font font/woff2	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/fonts/Open_Sans-700-latin72.a09c41f.woff2 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/css/78441d1.css Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0 Request headers Referer https://donate.wfp.org/_wfp/css/78441d1.css Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 21:35:41 GMT via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 852120 etag W/"af00-18b643a5f48" content-type font/woff2 x-cloud-trace-context 7a59f835958683006166d5dc26420fa7 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44800
GET H3	200	Open_Sans-800-latin80.a09c41f.woff2 donate.wfp.org/_wfp/fonts/	44 KB 44 KB	20ms 19ms	Font font/woff2	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/fonts/Open_Sans-800-latin80.a09c41f.woff2 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/css/78441d1.css Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0 Request headers Referer https://donate.wfp.org/_wfp/css/78441d1.css Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 21:35:41 GMT via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 852120 etag W/"af00-18b643a5f48" content-type font/woff2 x-cloud-trace-context 6c5b4333a0ac5074b3c08d7be03af8ee cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44800
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	63ms 63ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1423125560&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&ul=en-us&de=UTF-8&dt=UN%20World%20Food%20Programme%20(WFP)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=IG%20Forms&ea=Donation%20Page%20View&_u=aGDACEABBAAAAGAAI~&jid=385728207&gjid=2122140981&cid=19549956.1700936260&tid=UA-2556524-1&_gid=1232132989.1700936260&_r=1&gtm=45He3b81n71KN3K8Dv6630861&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=544872182 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:41 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	xwk0klq7.js Show response l.getsitecontrol.com/	433 B 1 KB	77ms 53ms	Script text/javascript	2400:52e0:1e00::1081:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://l.getsitecontrol.com/xwk0klq7.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1081 / Resource Hash 7dd394c401138f8120a30565d9b89bc3c87d104dc3a7b87bdc87472675356aa5 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding br cdn-edgestorageid 1080 x-amz-request-id Y6EN2AFJ937TBW9F x-amz-server-side-encryption AES256 cdn-cachedat 11/25/2023 12:42:41 cdn-pullzone 89704 cross-origin-resource-policy cross-origin x-amz-id-2 q9+VVWKjbUmCLBY7V0LY1gdUimx8MVA7JFoG6Ig4EJkKvqzpsJf0hIH5vkaMbxsiugUgyi42Ydk= last-modified Fri, 24 Nov 2023 14:10:28 GMT server BunnyCDN-DE1-1081 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"59380956432338b9fde4258c27bf8cb2" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid e3a1246b-2fdd-4153-9207-6ca707c9379d access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=0 cdn-requestid 0cfcbce78cc9b7bcedcdbf9bd09022e0 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	loader.json Show response cdn.sparkcentral.com/rtm/web/1.25.7/	80 B 608 B	155ms 15ms	XHR application/json	2600:9000:20a0:ca00:14:56a0:4680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.sparkcentral.com/rtm/web/1.25.7/loader.json Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20a0:ca00:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9909925d4ab51d22ae9bab97f369a550542efa7ed88b3282980b8ce816d16677 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 11:05:20 GMT via 1.1 1c1b06236faf26f915b464406875de12.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P2 age 25968 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-meta-lastmodified 2020-03-16 15:17:38 +0000 UTC content-length 80 last-modified Fri, 19 Feb 2021 16:46:29 GMT server AmazonS3 etag "f404840dc69a65c5380c1f11207d1c15" access-control-max-age 3000 access-control-allow-methods GET content-type application/json access-control-allow-origin * vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id MJ5gtXSATtYyjwW3k9ZVsngq6bTnD0GNDj_z2UHziHJoSj5lMUpHpQ==
GET H3	200	aq-en-it-wf1680166-mobile.webp donate.wfp.org/media/768/fvym0jp0/3x4/	9 KB 9 KB	57ms 57ms	Image image/webp	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/media/768/fvym0jp0/3x4/aq-en-it-wf1680166-mobile.webp Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 9f001bc269b29201683598a04376232f9c508190b92ae26238cb74901c065087 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT age 0 x-guploader-uploadid ABPtcPrT6vGMiG7m71_prwPfY3TrpTAqnPrfbacqCoop72Sv8aA1GqDBvKs2X-WaFM1z0Fmo_ToGUt0moR9EEaMqL8IE-G3gwJ4j x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9176 last-modified Fri, 24 Nov 2023 15:38:13 GMT server UploadServer etag "e579967e0077cbe4ffd0220b094edbb0" x-goog-generation 1698401531641355 x-goog-hash crc32c=aMQR7g==, md5=5XmWfgB3y+T/0CILCU7bsA== content-type image/webp cache-control public,max-age=3600 x-goog-stored-content-length 9176 accept-ranges bytes
GET H3	200	aq-en-it-desktop-nigeria-vest-women-2022-wf1680166.webp donate.wfp.org/media/768/ivodn3wq/3x4/	34 KB 34 KB	49ms 49ms	Image image/webp	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/media/768/ivodn3wq/3x4/aq-en-it-desktop-nigeria-vest-women-2022-wf1680166.webp Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 507acb76a964ac9d3ddccee523e2b85b59321da56c71ff5e22ddba8e70a89e46 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT age 0 x-guploader-uploadid ABPtcPpwIUu19yiFinf5-pCr11jm3eGckC1107Qf9no8G1VRtObjoyvjfIShwE7ypsfkECNtsyjZVi0pIgPrd9al5iGwxa0IRTTf x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34304 last-modified Thu, 23 Nov 2023 15:33:36 GMT server UploadServer etag "0f067b8158e8b0f57af86fa7357a9edf" x-goog-generation 1698401586080003 x-goog-hash crc32c=kFjR8A==, md5=DwZ7gVjosPV6+G+nNXqe3w== content-type image/webp cache-control public,max-age=3600 x-goog-stored-content-length 34304 accept-ranges bytes
GET H3	200	untitled-design.png donate.wfp.org/media/nmjj3mc2/	31 KB 31 KB	18ms 18ms	Image image/png	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/media/nmjj3mc2/untitled-design.png Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 266f5618550c5497dccc49cd0aea9f2faada467f60f13ea748e9b7c8af9b0d14 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 17:45:07 GMT age 1954 x-guploader-uploadid ABPtcPpuBs8L4grWYe-ukfFZAbkfiMeW7n0hTXyj33GsUNgou6rHLDznKr7rJgRbam0spV6HUVqTolGk_-jQQ5RZGDL5Yg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31868 last-modified Thu, 18 Aug 2022 09:53:30 GMT server UploadServer etag "1af98eed0a6947856cfebc54cf8adca5" x-goog-generation 1660816410607378 x-goog-hash crc32c=pF8BbA==, md5=GvmO7QppR4Vs/rxUz4rcpQ== content-type image/png cache-control public,max-age=3600 x-goog-stored-content-length 31868 accept-ranges bytes
GET H3	200	Open_Sans-500-latin56.a09c41f.woff2 donate.wfp.org/_wfp/fonts/	44 KB 44 KB	20ms 20ms	Font font/woff2	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://donate.wfp.org/_wfp/fonts/Open_Sans-500-latin56.a09c41f.woff2 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/css/78441d1.css Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0 Request headers Referer https://donate.wfp.org/_wfp/css/78441d1.css Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 21:35:41 GMT via 1.1 google last-modified Wed, 25 Oct 2023 00:27:09 GMT server Google Frontend age 852120 etag W/"af00-18b643a5f48" content-type font/woff2 x-cloud-trace-context c51d07fbc14888527864c7ec8814df77 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44800
GET H3	200	hearts.png donate.wfp.org/assets/img/icons/	3 KB 3 KB	31ms 30ms	Image image/png	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/hearts.png Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 428941d3e89cc8f1333768f46d03ad981f32dd43ac0dfb0cbdb9cfdf7b8175a9 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 google last-modified Wed, 25 Oct 2023 00:24:35 GMT server Google Frontend etag W/"dae-18b643805b8" content-type image/png x-cloud-trace-context 11837e605a8c72fe1bc418e844cdc2a3 cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3502
GET H3	200	unwfpde.webp donate.wfp.org/media/320/v43ehpwf/	12 KB 12 KB	51ms 48ms	Image image/webp	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/media/320/v43ehpwf/unwfpde.webp Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 255f4d4f93f28e66a913e6b6ccd458f17367ff79b032e220115e61810fa93c34 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT age 0 x-guploader-uploadid ABPtcPqoj41iqoEDdGLs_FNXSn53W17yBY4BhBb9QijVoeNHW4CuiMEDyxd3IWyV-GNW6t_8hJiAsi4KQVmtqydAseXnyrPCiY3P x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12172 last-modified Tue, 11 Oct 2022 13:21:25 GMT server UploadServer etag "9eaf91c3b68addd37cd1d02756955629" x-goog-generation 1665494485935388 x-goog-hash crc32c=ZpySnA==, md5=nq+Rw7aK3dN80dAnVpVWKQ== content-type image/webp cache-control public,max-age=3600 x-goog-stored-content-length 12172 accept-ranges bytes
GET H3	200	unwfp-standard-black-rgb-en.png donate.wfp.org/media/5gzfbyox/	7 KB 7 KB	58ms 55ms	Image image/png	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/media/5gzfbyox/unwfp-standard-black-rgb-en.png Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash e612830c72c5254782cf85d0a3a9a776dd3b8ded34b0aa4a09ed5393729b103a Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT age 0 x-guploader-uploadid ABPtcPqAJ7z0A9a9XNpi_5lsZJzK1VucrHtkzJnwmLH3V1GAp0aEPzTbtehNY_n_fQ3xoIJW2cIU3WjhsZlIRNhbhWJAG8AGvPNA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7370 last-modified Tue, 18 Oct 2022 16:09:23 GMT server UploadServer etag "5eb6d92587747e39c57d5bad3dd093f2" x-goog-generation 1666109363864446 x-goog-hash crc32c=LEaDNQ==, md5=XrbZJYd0fjnFfVutPdCT8g== content-type image/png cache-control public,max-age=3600 x-goog-stored-content-length 7370 accept-ranges bytes
GET H3	200	email-t.svg donate.wfp.org/media/qsnbnjsm/	761 B 788 B	25ms 23ms	Image image/svg+xml	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/media/qsnbnjsm/email-t.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 15c5c05e1c7787a5caacde914ea0316bfaa79d8e0d027d4e1f555252b4658654 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 17:36:23 GMT age 2478 x-guploader-uploadid ABPtcPokJhTGphI_kb6x26kLtlNS7zl1O_223XkRulyKOwVnnAaJACnVADhizM_S-5pIX3ir8sftrLdnZuyKHeAzwsz6 x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 761 last-modified Wed, 17 Aug 2022 14:48:46 GMT server UploadServer etag "d3a5551ded7ee06303ce091b41922983" x-goog-generation 1660747726973559 x-goog-hash crc32c=mQQ7WA==, md5=06VVHe1+4GMDzgkbQZIpgw== content-type image/svg+xml cache-control public,max-age=3600 x-goog-stored-content-length 761 accept-ranges bytes
GET H3	200	microsoftteams-image.png donate.wfp.org/media/55cp51ue/	9 KB 9 KB	59ms 56ms	Image image/png	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/media/55cp51ue/microsoftteams-image.png Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash fc9e37fabc51947d3aaa8597bdc3df4aafd79759730b995d6e70686fca30ac8d Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT age 0 x-guploader-uploadid ABPtcPrElFQZKYMTminUkibN-Oa_3ZQ15ABe1AzSL3HuH_5TIjb8QnQm_5og3X5wd32v5BLhz9fxywPd9h9SBuZlPOTYiUgB3MYi x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9214 last-modified Wed, 23 Nov 2022 08:52:43 GMT server UploadServer etag "df1562ba666dd8a3beaa254fbaa5ed1a" x-goog-generation 1669193563934111 x-goog-hash crc32c=L0NwhQ==, md5=3xViumZt2KO+qiVPuqXtGg== content-type image/png cache-control public,max-age=3600 x-goog-stored-content-length 9214 accept-ranges bytes
GET H3	200	twitter.svg donate.wfp.org/assets/img/icons/	433 B 324 B	40ms 38ms	Image image/svg+xml	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/twitter.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 25d6a90087c11bb3e87d40c12de81441ec389d39b587a77c1e0d771d9eadfa20 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding gzip via 1.1 google last-modified Wed, 25 Oct 2023 00:24:35 GMT server Google Frontend etag W/"1b1-18b643805b8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	facebook.svg donate.wfp.org/assets/img/icons/	552 B 384 B	47ms 45ms	Image image/svg+xml	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/facebook.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash c6034e158d46463cf39b67667d1f14fc3767042d02244d98335189291184e3a6 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding gzip via 1.1 google last-modified Wed, 25 Oct 2023 00:24:35 GMT server Google Frontend etag W/"228-18b643805b8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	instagram.svg donate.wfp.org/assets/img/icons/	2 KB 750 B	47ms 45ms	Image image/svg+xml	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/instagram.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash bf190f53b34ca5a0445da2fbd9ff9a7155487c067c907fa7540d855e603fb807 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding gzip via 1.1 google last-modified Wed, 25 Oct 2023 00:24:35 GMT server Google Frontend etag W/"74b-18b643805b8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	linkedin.svg donate.wfp.org/assets/img/icons/	616 B 395 B	45ms 44ms	Image image/svg+xml	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/linkedin.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 0f9aa279fa08f83278e9ae8de1c27ba480c6cb8a6c41e017b7b71e86305f13fc Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding gzip via 1.1 google last-modified Wed, 25 Oct 2023 00:24:35 GMT server Google Frontend etag W/"268-18b643805b8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	youtube.svg donate.wfp.org/assets/img/icons/	547 B 326 B	43ms 41ms	Image image/svg+xml	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/youtube.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 9812cb6d54877fc4bf9e7129b85d16475af9b00b367ad8e812a7365c48867a8f Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding gzip via 1.1 google last-modified Wed, 25 Oct 2023 00:24:35 GMT server Google Frontend etag W/"223-18b643805b8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	conversion.js Show response www.googleadservices.com/pagead/ Frame C599	50 KB 19 KB	177ms 78ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion.js Requested by Host: 10390555.fls.doubleclick.net URL: https://10390555.fls.doubleclick.net/activityi;dc_pre=CPau96zh34IDFZXJOwIdhW8LIA;src=10390555;type=rem0;cat=allp;ord=6386469586138;auiddc=477449509.1700936260;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 34eace17373618f0ef6ad0052c607c2b3a6c02af6a6e0a1d16fa15efb97c139d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://10390555.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18823 x-xss-protection 0 server cafe etag 4145344891725561964 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sat, 25 Nov 2023 18:17:41 GMT
GET H2	200	dc_pre=CPau96zh34IDFZXJOwIdhW8LIA;src=10390555;type=rem0;cat=allp;ord=6386469586138;auiddc=*;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~... adservice.google.com/ddm/fls/z/ Frame C599	42 B 118 B	96ms 95ms	Image image/gif	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CPau96zh34IDFZXJOwIdhW8LIA;src=10390555;type=rem0;cat=allp;ord=6386469586138;auiddc=*;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Requested by Host: 10390555.fls.doubleclick.net URL: https://10390555.fls.doubleclick.net/activityi;dc_pre=CPau96zh34IDFZXJOwIdhW8LIA;src=10390555;type=rem0;cat=allp;ord=6386469586138;auiddc=477449509.1700936260;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://10390555.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:41 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tc.min.js Show response c1.rfihub.net/js/ Frame 2170	19 KB 6 KB	66ms 8ms	Script application/x-javascript	2600:9000:214f:de00:1:76cf:fe80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c1.rfihub.net/js/tc.min.js Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:de00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f Request headers accept-language de-DE,de;q=0.9 Referer https://5499309.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 17:35:16 GMT content-encoding br via 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront) last-modified Thu, 23 Nov 2023 09:04:46 GMT server Jetty(9.4.51.v20230217) x-amz-cf-pop FRA53-C1 age 2631 vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control public, max-age=3600 x-amz-cf-id ucevaeSlCrUx2PL4aGDGWDNsqMGdCmpuTU5zoEgS7zUzlz9r-_a3Eg== expires Sat, 25 Nov 2023 18:33:50 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	55ms 54ms	XHR text/plain	2a00:1450:400c:c09::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2556524-1&cid=19549956.1700936260&jid=385728207&gjid=2122140981&_gid=1232132989.1700936260&_u=aGDACEABBAAAAGAAI~&z=25092308 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 25 Nov 2023 18:17:41 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sparkcentral.1.25.7.min.js Show response cdn.sparkcentral.com/rtm/web/1.25.7/	9 KB 4 KB	43ms 14ms	Script application/javascript	2600:9000:20a0:ca00:14:56a0:4680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20a0:ca00:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3fc75d058624330c6f1611633822e4023b960fad6a3f35876046f3adaa6349c9 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 11:24:29 GMT content-encoding gzip via 1.1 8c6af47a034eacd38f7f934dfc1eaa40.cloudfront.net (CloudFront) last-modified Fri, 19 Feb 2021 16:46:30 GMT server AmazonS3 x-amz-cf-pop AMS58-P2 age 25186 x-amz-server-side-encryption AES256 etag W/"cd3c7f973f6b72e066d3f3f23b53d94f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-meta-lastmodified 2020-03-16 15:17:38 +0000 UTC x-amz-cf-id mXGC4fOS_6UbXFNDFQiM8bojUeqMXptRXhw6qUui8i37ZDMqvNnY7A==
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	92ms 91ms	Image image/gif	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=19549956.1700936260&jid=385728207&_u=aGDACEABBAAAAGAAI~&z=1553796935 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:41 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	93ms 92ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=19549956.1700936260&jid=385728207&_u=aGDACEABBAAAAGAAI~&z=1553796935 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:41 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/	468 KB 188 KB	171ms 57ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api.js?render=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://donate.wfp.org/ Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 15:01:59 GMT content-encoding gzip x-content-type-options nosniff age 11742 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192016 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 24 Nov 2024 15:01:59 GMT
GET H2	200	initialise.js Show response pay.gocardless.com/billing/static/dropin/v2/	3 KB 2 KB	108ms 61ms	Script application/javascript	2606:4700:10::6814:8b22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay.gocardless.com/billing/static/dropin/v2/initialise.js Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/c56b242.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:8b22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 100082a5a528e4e7117b02aa04631420999caaa3823cad14addb139ba07622bf Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding gzip via 1.1 google cf-cache-status REVALIDATED x-guploader-uploadid ABPtcPrtc3kQi1hmGWAnsXuWxqfGz2pEVoa0Pv9CZmbKRY90trJsDIFX-qsWSu-kUMGnWqvyZDUp-adMWA x-goog-storage-class REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 1384 last-modified Mon, 13 Nov 2023 10:55:14 GMT server cloudflare etag "bfe4acaca79d9ff4f75632dfea89d06a" vary Accept-Encoding x-goog-generation 1699872914607533 content-type application/javascript x-goog-hash crc32c=YCECfQ==, md5=v+SsrKedn/T3VjLf6onQag== cache-control public, max-age=3600 x-goog-stored-content-length 1384 accept-ranges bytes cf-ray 82bbe3d25e203651-FRA expires Sat, 25 Nov 2023 19:17:41 GMT
GET H2	200	js Show response www.paypal.com/sdk/	291 KB 79 KB	55ms 23ms	Script application/javascript	151.101.1.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR Requested by Host: donate.wfp.org URL: https://donate.wfp.org/_wfp/2dda680.modern.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b4aed8f020fd953f1d3cb7ff9ca54872f591003be889e6008617ada390c83d27 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Ylm0inaiRKXfw+xJg38ZXY9wUFF7usotkwJ74VvibDaFYScO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Ylm0inaiRKXfw+xJg38ZXY9wUFF7usotkwJ74VvibDaFYScO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Ylm0inaiRKXfw+xJg38ZXY9wUFF7usotkwJ74VvibDaFYScO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Ylm0inaiRKXfw+xJg38ZXY9wUFF7usotkwJ74VvibDaFYScO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp content-encoding gzip x-content-type-options nosniff disable-set-cookie true via 1.1 varnish, 1.1 varnish date Sat, 25 Nov 2023 18:17:41 GMT age 5660 strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT, MISS p3p true paypal-debug-id f59179709ba00 server-timing "traceparent;desc="00-0000000000000000000f59179709ba00-a0d5d4544aa779af-01"";content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com content-length 79334 x-xss-protection 1; mode=block x-served-by cache-fra-eddf8230086-FRA, cache-fra-eddf8230086-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f59179709ba00-e59e7c252c2c95b1-01 x-timer S1700936261.498285,VS0,VE8 etag W/"135e6-CsGXhwDtXnchoovZ7TXOnY21MYI" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Server-Timing cache-control public, max-age=3600, s-maxage=10800 origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges bytes x-cache-hits 1, 0
GET H3	200	pb-stripe.svg donate.wfp.org/assets/img/icons/	4 KB 2 KB	31ms 30ms	Image image/svg+xml	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/pb-stripe.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 3f39956e5e5efe0dc248d9574a7a7071f5ac512ae3d553d3f949653cb8147962 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding gzip via 1.1 google last-modified Wed, 25 Oct 2023 00:24:35 GMT server Google Frontend etag W/"f81-18b643805b8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	controller-7a0683016419c80d48884f91b2560bbe.html Show response js.stripe.com/v3/ Frame C5C9	325 B 736 B	7ms 6ms	Document text/html	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-7a0683016419c80d48884f91b2560bbe.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 7fa8e9041bf2c9c80b752c44053a2db5ce9b03ac019deae3c55461d0ee88f3d2 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 54 cache-control max-age=60 content-encoding br content-length 189 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sat, 25 Nov 2023 18:17:41 GMT etag "7a0683016419c80d48884f91b2560bbe" last-modified Tue, 21 Nov 2023 21:42:45 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 28 x-content-type-options nosniff x-request-id 5ee9dc1f-cf7f-4216-97e3-5d7f254e35fe x-served-by cache-fra-eddf8230042-FRA
GET H2	200	payment-request-inner-google-pay-d81870e7f210a291b30eae8bc2873b38.html Show response js.stripe.com/v3/ Frame 6D91	408 B 950 B	8ms 7ms	Document text/html	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/payment-request-inner-google-pay-d81870e7f210a291b30eae8bc2873b38.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash b7629394ca9deaa02cb67546c35b146e56599bc1894d2f718d25937ce3a800f0 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 333108 cache-control max-age=31536000 content-encoding br content-length 222 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sat, 25 Nov 2023 18:17:41 GMT etag "d81870e7f210a291b30eae8bc2873b38" last-modified Tue, 21 Nov 2023 21:43:00 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 4247 x-content-type-options nosniff x-request-id 30806932-697b-45e7-a94e-55af464f74cb x-served-by cache-fra-eddf8230042-FRA
GET H2	200	payment-request-inner-browser-ca1c54f882517e0838eef5c25e9369bb.html Show response js.stripe.com/v3/ Frame B866	344 B 1 KB	8ms 8ms	Document text/html	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/payment-request-inner-browser-ca1c54f882517e0838eef5c25e9369bb.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash a68465d1afb675439fac279b431b6cc9de66f602182c312124407a97962efb35 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 5 cache-control max-age=60 content-encoding br content-length 202 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sat, 25 Nov 2023 18:17:41 GMT etag "ca1c54f882517e0838eef5c25e9369bb" last-modified Tue, 21 Nov 2023 21:43:00 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 1 x-content-type-options nosniff x-request-id 44f8c7d8-e9b5-4e16-8071-d28e2e598d19 x-served-by cache-fra-eddf8230042-FRA
GET H2	200	controller-7a0683016419c80d48884f91b2560bbe.html Show response js.stripe.com/v3/ Frame 4C0D	325 B 736 B	8ms 7ms	Document text/html	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-7a0683016419c80d48884f91b2560bbe.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 7fa8e9041bf2c9c80b752c44053a2db5ce9b03ac019deae3c55461d0ee88f3d2 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 54 cache-control max-age=60 content-encoding br content-length 189 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sat, 25 Nov 2023 18:17:41 GMT etag "7a0683016419c80d48884f91b2560bbe" last-modified Tue, 21 Nov 2023 21:42:45 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 29 x-content-type-options nosniff x-request-id 37b0a8c1-61f4-410f-9b99-2d8bda41d8b6 x-served-by cache-fra-eddf8230042-FRA
GET H2	200	elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Show response js.stripe.com/v3/ Frame 6C87	798 B 1 KB	8ms 8ms	Document text/html	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 6d83d9dc7f643991ef978c46f76e6940436066b4bf123587910c915a2873bd45 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 333055 cache-control max-age=31536000 content-encoding br content-length 362 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sat, 25 Nov 2023 18:17:41 GMT etag "945b3142710d6a867ce4eae94a4065b8" last-modified Tue, 21 Nov 2023 21:42:45 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 10037 x-content-type-options nosniff x-request-id a53e84ff-179b-4bd2-9fd1-3d019338903e x-served-by cache-fra-eddf8230042-FRA
GET H2	200	elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Show response js.stripe.com/v3/ Frame DAC5	798 B 442 B	8ms 8ms	Document text/html	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 6d83d9dc7f643991ef978c46f76e6940436066b4bf123587910c915a2873bd45 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 333055 cache-control max-age=31536000 content-encoding br content-length 362 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sat, 25 Nov 2023 18:17:41 GMT etag "945b3142710d6a867ce4eae94a4065b8" last-modified Tue, 21 Nov 2023 21:42:45 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 10038 x-content-type-options nosniff x-request-id dcec8446-6d54-4357-a27f-8701c6946d21 x-served-by cache-fra-eddf8230042-FRA
GET H2	200	elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Show response js.stripe.com/v3/ Frame FD9C	798 B 442 B	16ms 7ms	Document text/html	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 6d83d9dc7f643991ef978c46f76e6940436066b4bf123587910c915a2873bd45 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 333055 cache-control max-age=31536000 content-encoding br content-length 362 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sat, 25 Nov 2023 18:17:41 GMT etag "945b3142710d6a867ce4eae94a4065b8" last-modified Tue, 21 Nov 2023 21:42:45 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 10039 x-content-type-options nosniff x-request-id 109d2d84-af61-4e8e-9056-668fd1adf8da x-served-by cache-fra-eddf8230042-FRA
GET H2	200	xwk0klq7.json Show response l.getsitecontrol.com/	186 KB 11 KB	142ms 128ms	XHR application/json	2400:52e0:1e00::1081:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://l.getsitecontrol.com/xwk0klq7.json Requested by Host: l.getsitecontrol.com URL: https://l.getsitecontrol.com/xwk0klq7.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1081 / Resource Hash 87f6d2b38b3e52e039ca565d68171436fbf921d49f262a5995ae384e9b545b88 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding br cdn-edgestorageid 1082 x-amz-request-id 8T8H813TW4WXQSR0 x-amz-server-side-encryption AES256 cdn-cachedat 11/24/2023 14:10:53 cdn-pullzone 89704 cross-origin-resource-policy cross-origin x-amz-id-2 LvYugltyeKK8GVbwb1ffq48XR37RbxadDHQOUkb2RCFP5LZFFGni2sZb70NUcl9CNHQeaZWFtu0= last-modified Fri, 24 Nov 2023 14:10:27 GMT server BunnyCDN-DE1-1081 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"1db29680b5504e402d83c95778037921" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin * cdn-cache REVALIDATED cdn-uid e3a1246b-2fdd-4153-9207-6ca707c9379d access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=0 access-control-max-age 3000 cdn-requestid ed10c0925d2b2c34895f06cb99ca1e87 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	modules.28e3191d8757c557b4b7.js Show response script.hotjar.com/	227 KB 57 KB	51ms 16ms	Script application/javascript	13.227.219.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.28e3191d8757c557b4b7.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2048364.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-28.ams54.r.cloudfront.net Software / Resource Hash 77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 14:01:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 4b28b963946514dd2cf9a90f74a8034a.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 188195 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 57395 last-modified Thu, 23 Nov 2023 14:00:23 GMT etag "1ab24a53e715dcb189ab626bacc0e88b" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id iMJ37Jz3ShS1qHeip4dFLZrMaU-XyRg-7SkftOV3zUS8WHTJxuhFMg==
GET H3	200	credit-card.png donate.wfp.org/assets/img/icons/	407 B 430 B	34ms 34ms	Image image/png	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/credit-card.png Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 2a6ab45df9e4d7ba1661e98f9e57c9ae68ed0475f05f23117746c78d2e4fc43b Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 google last-modified Wed, 25 Oct 2023 00:24:35 GMT server Google Frontend etag W/"197-18b643805b8" content-type image/png x-cloud-trace-context 4687f7cb3a429f8645e4e081f3ff844d cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 407
GET H3	200	dd.png donate.wfp.org/assets/img/icons/	434 B 457 B	36ms 35ms	Image image/png	34.117.85.67 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://donate.wfp.org/assets/img/icons/dd.png Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 67.85.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 5d5819aa088c4e4c50335bedcded537098e23e7946b9feaca6a323e70e9bc69a Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/1243/donation/regular/?campaign=1517 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 google last-modified Wed, 25 Oct 2023 00:24:35 GMT server Google Frontend etag W/"1b2-18b643805b8" content-type image/png x-cloud-trace-context c1d0864f419323b49782640dd3929ad2 cache-control public, max-age=0 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 434
GET H2	200	shared-034cdd2c4682c3cd48f45db802391e97.js Show response js.stripe.com/v3/fingerprinted/js/ Frame C5C9	535 KB 129 KB	7ms 7ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-7a0683016419c80d48884f91b2560bbe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 0286be62eb9944622e77c19ff7eba24bdd3111aca9001e58b85be0cbd6c2fdd8 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-7a0683016419c80d48884f91b2560bbe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 333166 x-cache HIT content-length 132379 x-request-id b6cc9ffd-77d6-450c-852c-1ffa5d4eb937 x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 21:42:59 GMT server Fastly etag "4adf041aecab7c994b8ef683544e9e0e" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 13
GET H2	200	controller-1255e8c8e7be9e1e7d1b902758665593.js Show response js.stripe.com/v3/fingerprinted/js/ Frame C5C9	664 KB 173 KB	7ms 7ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/controller-1255e8c8e7be9e1e7d1b902758665593.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-7a0683016419c80d48884f91b2560bbe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 412863a2db2099ca53db4798be0c5325c387a0b11182585d333a3d18f383d9d0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-7a0683016419c80d48884f91b2560bbe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 333166 x-cache HIT content-length 176598 x-request-id 814cc8e3-3d4c-4161-899f-96cc3ccd6e57 x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 21:42:57 GMT server Fastly etag "017ba70cf5ea57317e772fb167ed4e5e" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 13
GET H2	200	pay.js Show response pay.google.com/gp/p/js/ Frame 6D91	118 KB 37 KB	237ms 97ms	Script application/javascript	2a00:1450:400c:c02::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/js/pay.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d81870e7f210a291b30eae8bc2873b38.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 81b3cfec8709a5844f547eae1fc0966ca4db5ec5c762a371b31954967cbda57b Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Ll7gJuxUyy3FGz51JElxWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT strict-transport-security max-age=31536000 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-Ll7gJuxUyy3FGz51JElxWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control private, max-age=600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Sat, 25 Nov 2023 18:17:41 GMT
GET H2	200	shared-034cdd2c4682c3cd48f45db802391e97.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 6D91	535 KB 129 KB	9ms 9ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d81870e7f210a291b30eae8bc2873b38.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 0286be62eb9944622e77c19ff7eba24bdd3111aca9001e58b85be0cbd6c2fdd8 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/payment-request-inner-google-pay-d81870e7f210a291b30eae8bc2873b38.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 333166 x-cache HIT content-length 132379 x-request-id 6f1fa2e6-bd80-4264-9f89-9532c1bcb37f x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 21:42:59 GMT server Fastly etag "4adf041aecab7c994b8ef683544e9e0e" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 14
GET H2	200	payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 6D91	10 KB 4 KB	7ms 7ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d81870e7f210a291b30eae8bc2873b38.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/payment-request-inner-google-pay-d81870e7f210a291b30eae8bc2873b38.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 1530482 x-cache HIT content-length 4272 x-request-id 06a64f2b-b23d-4f6b-a029-a3d51251f6a5 x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 24 Oct 2023 17:19:12 GMT server Fastly etag "947a5566a308873ad0fd8dbfdd9c81cf" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 11590
GET H2	200	shared-034cdd2c4682c3cd48f45db802391e97.js Show response js.stripe.com/v3/fingerprinted/js/ Frame B866	535 KB 129 KB	12ms 12ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-browser-ca1c54f882517e0838eef5c25e9369bb.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 0286be62eb9944622e77c19ff7eba24bdd3111aca9001e58b85be0cbd6c2fdd8 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/payment-request-inner-browser-ca1c54f882517e0838eef5c25e9369bb.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 333166 x-cache HIT content-length 132379 x-request-id 870adf4a-b215-4529-9a71-629cb8c95993 x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 21:42:59 GMT server Fastly etag "4adf041aecab7c994b8ef683544e9e0e" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 15
GET H2	200	payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response js.stripe.com/v3/fingerprinted/js/ Frame B866	12 KB 5 KB	13ms 12ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/payment-request-inner-browser-ca1c54f882517e0838eef5c25e9369bb.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/payment-request-inner-browser-ca1c54f882517e0838eef5c25e9369bb.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 1516850 x-cache HIT content-length 4877 x-request-id 87ce1af5-7d97-48df-8acc-416e2129e0c7 x-served-by cache-fra-eddf8230042-FRA last-modified Mon, 09 Oct 2023 20:07:19 GMT server Fastly etag "330666bb238cf77ae96a867563ebc09a" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 19694
GET H2	200	shared-034cdd2c4682c3cd48f45db802391e97.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 4C0D	535 KB 129 KB	12ms 12ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-7a0683016419c80d48884f91b2560bbe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 0286be62eb9944622e77c19ff7eba24bdd3111aca9001e58b85be0cbd6c2fdd8 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-7a0683016419c80d48884f91b2560bbe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 333166 x-cache HIT content-length 132379 x-request-id 20a17a63-3cb9-4696-b06e-fccd5fc45dd3 x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 21:42:59 GMT server Fastly etag "4adf041aecab7c994b8ef683544e9e0e" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 16
GET H2	200	controller-1255e8c8e7be9e1e7d1b902758665593.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 4C0D	664 KB 173 KB	12ms 12ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/controller-1255e8c8e7be9e1e7d1b902758665593.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-7a0683016419c80d48884f91b2560bbe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 412863a2db2099ca53db4798be0c5325c387a0b11182585d333a3d18f383d9d0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-7a0683016419c80d48884f91b2560bbe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 333166 x-cache HIT content-length 176598 x-request-id a6eba1ee-b870-4543-a3fc-d9b97e5ba29b x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 21:42:57 GMT server Fastly etag "017ba70cf5ea57317e772fb167ed4e5e" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 14
GET H2	200	shared-034cdd2c4682c3cd48f45db802391e97.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 6C87	535 KB 129 KB	12ms 12ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 0286be62eb9944622e77c19ff7eba24bdd3111aca9001e58b85be0cbd6c2fdd8 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 333166 x-cache HIT content-length 132379 x-request-id d7c585bf-5974-4617-b53d-e56852fccbce x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 21:42:59 GMT server Fastly etag "4adf041aecab7c994b8ef683544e9e0e" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 17
GET H2	200	ui-shared-2ddf66e67375be37473d6d987fe9e201.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 6C87	388 KB 111 KB	14ms 14ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/ui-shared-2ddf66e67375be37473d6d987fe9e201.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash af90523d06b85ca7a8713d86f68d7baad4d02cb692c7edaef254531ba4db0025 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 333108 x-cache HIT content-length 112985 x-request-id 83eb8817-2d93-4aa7-8a45-c2874c32e992 x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 21:43:00 GMT server Fastly etag "cd75a9c32c4069c83259ea8e3197aab5" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 10377
GET H2	200	elements-inner-card-a9418d2bd47eaef4905fb59925d96766.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 6C87	50 KB 14 KB	25ms 24ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-a9418d2bd47eaef4905fb59925d96766.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash b15602d3befea83cf4148fd5fb56e55ca8d6a670913c18e611ef883132901311 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 345765 x-cache HIT content-length 13664 x-request-id 12602565-8653-450f-aab7-77d047fffecb x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 18:11:53 GMT server Fastly etag "1f3f6a2d76e8378cc43ab22fc1d63b9d" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 7512
GET H2	200	ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css js.stripe.com/v3/fingerprinted/css/ Frame 6C87	20 KB 3 KB	12ms 12ms	Stylesheet text/css	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 1524977 x-cache HIT content-length 3304 x-request-id 6c80f505-0656-4f2b-9d8c-831afe4f9c2c x-served-by cache-fra-eddf8230042-FRA last-modified Mon, 24 Jul 2023 20:23:04 GMT server Fastly etag "b361d7109e9925ca18e32c9da528520f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 23922
GET H2	200	elements-inner-card-def9c9718e6b101682be41a8a8513fc2.css js.stripe.com/v3/fingerprinted/css/ Frame 6C87	12 KB 2 KB	12ms 12ms	Stylesheet text/css	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-def9c9718e6b101682be41a8a8513fc2.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 9bde7b8c9c67a244a399902cac14aba36f0f580b74d1b68c253aea086ac8739a Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 345765 x-cache HIT content-length 1783 x-request-id 2d5fa05e-7ca3-42a2-9be3-81a3d22b2901 x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 18:11:41 GMT server Fastly etag "ce59692e2b4e8de58328d65b73f8a6c8" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 7224
GET H2	200	shared-034cdd2c4682c3cd48f45db802391e97.js Show response js.stripe.com/v3/fingerprinted/js/ Frame DAC5	535 KB 130 KB	22ms 22ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 0286be62eb9944622e77c19ff7eba24bdd3111aca9001e58b85be0cbd6c2fdd8 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 333166 x-cache HIT content-length 132379 x-request-id 1e90d5aa-255c-4b34-8e22-f1c49017e8b7 x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 21:42:59 GMT server Fastly etag "4adf041aecab7c994b8ef683544e9e0e" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 19
GET H2	200	ui-shared-2ddf66e67375be37473d6d987fe9e201.js Show response js.stripe.com/v3/fingerprinted/js/ Frame DAC5	388 KB 111 KB	23ms 22ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/ui-shared-2ddf66e67375be37473d6d987fe9e201.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash af90523d06b85ca7a8713d86f68d7baad4d02cb692c7edaef254531ba4db0025 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 333108 x-cache HIT content-length 112985 x-request-id 2a64e78c-c139-48a8-8306-d43f07d6d6ae x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 21:43:00 GMT server Fastly etag "cd75a9c32c4069c83259ea8e3197aab5" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 10378
GET H2	200	elements-inner-card-a9418d2bd47eaef4905fb59925d96766.js Show response js.stripe.com/v3/fingerprinted/js/ Frame DAC5	50 KB 13 KB	24ms 24ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-a9418d2bd47eaef4905fb59925d96766.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash b15602d3befea83cf4148fd5fb56e55ca8d6a670913c18e611ef883132901311 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 345765 x-cache HIT content-length 13664 x-request-id 9acf8277-bb8d-43b6-a349-0b280163cf1c x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 18:11:53 GMT server Fastly etag "1f3f6a2d76e8378cc43ab22fc1d63b9d" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 7513
GET H2	200	ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css js.stripe.com/v3/fingerprinted/css/ Frame DAC5	20 KB 3 KB	25ms 25ms	Stylesheet text/css	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 1524977 x-cache HIT content-length 3304 x-request-id 1802e4ad-e3f4-47fc-9206-4fecf42e050a x-served-by cache-fra-eddf8230042-FRA last-modified Mon, 24 Jul 2023 20:23:04 GMT server Fastly etag "b361d7109e9925ca18e32c9da528520f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 23924
GET H2	200	elements-inner-card-def9c9718e6b101682be41a8a8513fc2.css js.stripe.com/v3/fingerprinted/css/ Frame DAC5	12 KB 2 KB	17ms 17ms	Stylesheet text/css	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-def9c9718e6b101682be41a8a8513fc2.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 9bde7b8c9c67a244a399902cac14aba36f0f580b74d1b68c253aea086ac8739a Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 345765 x-cache HIT content-length 1783 x-request-id 97a4a425-6139-444f-a89d-454dc883bf3d x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 18:11:41 GMT server Fastly etag "ce59692e2b4e8de58328d65b73f8a6c8" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 7226
GET H2	200	shared-034cdd2c4682c3cd48f45db802391e97.js Show response js.stripe.com/v3/fingerprinted/js/ Frame FD9C	535 KB 129 KB	16ms 15ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 0286be62eb9944622e77c19ff7eba24bdd3111aca9001e58b85be0cbd6c2fdd8 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 333166 x-cache HIT content-length 132379 x-request-id 9a220d5a-b34a-4d73-959f-650d4b78bf92 x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 21:42:59 GMT server Fastly etag "4adf041aecab7c994b8ef683544e9e0e" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 18
GET H2	200	ui-shared-2ddf66e67375be37473d6d987fe9e201.js Show response js.stripe.com/v3/fingerprinted/js/ Frame FD9C	388 KB 110 KB	13ms 12ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/ui-shared-2ddf66e67375be37473d6d987fe9e201.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash af90523d06b85ca7a8713d86f68d7baad4d02cb692c7edaef254531ba4db0025 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 333108 x-cache HIT content-length 112985 x-request-id bf5fbb14-6c45-4586-acb7-c1c442b538fc x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 21:43:00 GMT server Fastly etag "cd75a9c32c4069c83259ea8e3197aab5" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 10376
GET H2	200	elements-inner-card-a9418d2bd47eaef4905fb59925d96766.js Show response js.stripe.com/v3/fingerprinted/js/ Frame FD9C	50 KB 14 KB	25ms 25ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-a9418d2bd47eaef4905fb59925d96766.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash b15602d3befea83cf4148fd5fb56e55ca8d6a670913c18e611ef883132901311 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 345765 x-cache HIT content-length 13664 x-request-id 760b854a-dcdf-4371-b79f-3a072486ef41 x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 18:11:53 GMT server Fastly etag "1f3f6a2d76e8378cc43ab22fc1d63b9d" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 7514
GET H2	200	ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css js.stripe.com/v3/fingerprinted/css/ Frame FD9C	20 KB 3 KB	13ms 12ms	Stylesheet text/css	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 1524977 x-cache HIT content-length 3304 x-request-id c8802597-cb95-489b-b245-792142695b1a x-served-by cache-fra-eddf8230042-FRA last-modified Mon, 24 Jul 2023 20:23:04 GMT server Fastly etag "b361d7109e9925ca18e32c9da528520f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 23923
GET H2	200	elements-inner-card-def9c9718e6b101682be41a8a8513fc2.css js.stripe.com/v3/fingerprinted/css/ Frame FD9C	12 KB 2 KB	15ms 15ms	Stylesheet text/css	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-def9c9718e6b101682be41a8a8513fc2.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 9bde7b8c9c67a244a399902cac14aba36f0f580b74d1b68c253aea086ac8739a Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish age 345765 x-cache HIT content-length 1783 x-request-id c444fa16-d415-4ba2-bec6-20a6f19c586a x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 18:11:41 GMT server Fastly etag "ce59692e2b4e8de58328d65b73f8a6c8" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 7225
POST H2	200	csp-report q.stripe.com/ Frame C5C9	0 715 B	720ms 349ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262311269 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262310602 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 6D91	0 715 B	722ms 352ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262311145 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262310637 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 6D91	0 714 B	732ms 362ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262312182 x-envoy-upstream-service-time 3 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262311046 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame B866	0 715 B	756ms 386ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262312074 x-envoy-upstream-service-time 3 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262311733 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame B866	0 714 B	744ms 375ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262312542 x-envoy-upstream-service-time 3 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262311713 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 4C0D	0 714 B	724ms 355ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262312183 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262311708 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 6C87	0 715 B	730ms 362ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262311479 x-envoy-upstream-service-time 3 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262311101 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 6C87	0 715 B	742ms 374ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262311437 x-envoy-upstream-service-time 3 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262311036 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame DAC5	0 715 B	722ms 355ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262311587 x-envoy-upstream-service-time 3 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262311031 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame DAC5	0 715 B	729ms 362ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262312214 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262311737 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame FD9C	0 715 B	740ms 374ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262312297 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262311888 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame FD9C	0 714 B	741ms 375ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262312801 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262311930 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	runtime.efcf714.js Show response s2.getsitecontrol.com/widgets/es6/	151 KB 52 KB	49ms 8ms	Script text/javascript	2400:52e0:1e00::1047:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://s2.getsitecontrol.com/widgets/es6/runtime.efcf714.js Requested by Host: l.getsitecontrol.com URL: https://l.getsitecontrol.com/xwk0klq7.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1047:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1047 / Resource Hash 1bb7f12e7b84c62032481f3b0e5f88523cfc1bd34726b6014f0e4766fc4d7543 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding br cdn-edgestorageid 1047 x-amz-request-id WWJ3R0TEN9GWFQD8 x-amz-server-side-encryption AES256 cdn-cachedat 11/10/2023 15:34:13 cdn-pullzone 83560 cross-origin-resource-policy cross-origin x-amz-id-2 imOCnwVxPwu/lCP4TmqiD6vB/NxNEnCtXQZnjkAp7F+qw1xLzzpqu3CnIJhIwFwSvH3tCptcTN4= last-modified Fri, 10 Nov 2023 15:29:16 GMT server BunnyCDN-DE1-1047 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"c92a795e22565fe1a9b203c5003d2997" vary Accept-Encoding, Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid e3a1246b-2fdd-4153-9207-6ca707c9379d access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=22809600 cdn-requestid 88c82874c543ee8c4433055d4d6e64ca cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H/1.1	200 OK	ca.html Show response 20777079p.rfihub.com/ Frame D340	5 KB 6 KB	123ms 19ms	Document text/html	193.0.160.130 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20777079p.rfihub.com/ca.html?ver=9&rb=27244&ca=20777079&_o=27244&_t=20777079&pe=https%3A%2F%2F5499309.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKyowazh34IDFUnLOwIdZmAD1Q%3Bsrc%3D5499309%3Btype%3Dsitev00%3Bcat%3Dwfpor0%3Bord%3D339475215097%3Bauiddc%3D477449509.1700936260%3Bgtm%3D45He3b81v6630861%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B%7Eoref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%2526&pf=https%3A%2F%2Fadservice.google.com%2F&ra=49830439761485334 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash fb731f99e274105dfecdfc4e014c32a54d4e60215d07f9e41b87e8785c4bfeaf Request headers Referer https://5499309.fls.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 4918 Content-Type text/html;charset=utf-8 Date Sat, 25 Nov 2023 18:17:41 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.4.51.v20230217)
GET H2	200	/ Show response www.googleadservices.com/pagead/conversion/481751819/ Frame C599	3 KB 2 KB	52ms 49ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/481751819/?random=1700936261694&cv=9&fst=1700936261694&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPau96zh34IDFZXJOwIdhW8LIA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D6386469586138%3Bauiddc%3D477449509.1700936260%3Bgtm%3D45fe3b81%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%2526%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 76ce7fefa88b71e49e07dbf31a760f43e64fd7be900935167886d1cad96265da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://10390555.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:41 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1612 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	2048364 Show response vc.hotjar.io/sessions/	0 258 B	94ms 35ms	XHR text/plain	18.66.112.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vc.hotjar.io/sessions/2048364?s=0.25&r=0.06181850625833629 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.28e3191d8757c557b4b7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.79 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-79.fra56.r.cloudfront.net Software Python/3.8 aiohttp/3.8.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront) server Python/3.8 aiohttp/3.8.4 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store x-amz-cf-id mc_u5dt8ouNBQuhI6HzqGY97OLR4jzXVhdJxbTD6_ktJ3wbcSc3QVw==
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/597680250/	3 KB 1 KB	65ms 65ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/597680250/?random=1700936261731&cv=11&fst=1700936261731&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9171398942&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&hn=www.googleadservices.com&frm=0&tiba=UN%20World%20Food%20Programme%20(WFP)&auid=477449509.1700936260&uamb=0&uaw=0&data=event%3Ddetect_user%3Bevent_category%3DHotjar%3Bevent_label%3D7224afce%3Bnon_interaction%3Dtrue&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-597680250 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b9de0731cfbb63bd3c87e2ecbd85d5779bbfb3b2e479a3cd62f582b87b3b74ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:41 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1360 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	preact-incoming-feedback.c20c19b1cc6c85b5d8d1.js Show response script.hotjar.com/	190 KB 42 KB	15ms 15ms	Script application/javascript	13.227.219.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/preact-incoming-feedback.c20c19b1cc6c85b5d8d1.js Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.28e3191d8757c557b4b7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-28.ams54.r.cloudfront.net Software / Resource Hash 68947e9ddb590b11f6c1250e1080ff031fb91fddae5b9d41eb307a20ae306e64 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 16:27:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 4b28b963946514dd2cf9a90f74a8034a.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 265834 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 42783 last-modified Wed, 22 Nov 2023 16:26:24 GMT etag "238d00d7f9c895e9f37ab6355e0076c2" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id HIkZe2mfWYG7Ei1dOyUFjgc0RWOC6sRR4fvqbnEIgRzHKnItgP3_ew==
GET H2	200	browser-perf.28a8c6b22b3c0474c577.js Show response script.hotjar.com/	4 KB 2 KB	17ms 17ms	Script application/javascript	13.227.219.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/browser-perf.28a8c6b22b3c0474c577.js Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.28e3191d8757c557b4b7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-28.ams54.r.cloudfront.net Software / Resource Hash f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 03 Nov 2023 10:24:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 4b28b963946514dd2cf9a90f74a8034a.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 1929215 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 1589 last-modified Fri, 03 Nov 2023 10:23:46 GMT etag "d065ec1659ab8dbb93042fdf9a225634" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id BhiEOknHje-wRCCuIC3HVaKfVOUpmM3jd7ZyPXE0sQVoEyDQ1XgpTA==
GET H2	200	pptm.js Show response www.paypal.com/tagmanager/	14 KB 5 KB	25ms 25ms	Script application/x-javascript	151.101.1.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/tagmanager/pptm.js?id=donate.wfp.org&t=xo&v=5.0.410&source=payments_sdk&client_id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disableSetCookie=true&vault=false Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 60816fe9bdee93b56c5e00eaf2c3d6880c87449cc3d52fac039e576c23a4a1ba Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-nEPqnjxJdnvZa1LxAJ5xDZuj6Wl4sAeXfWQbGjAsv++uQFVm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-nEPqnjxJdnvZa1LxAJ5xDZuj6Wl4sAeXfWQbGjAsv++uQFVm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; content-encoding gzip x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:41 GMT via 1.1 varnish, 1.1 varnish strict-transport-security max-age=63072000; includeSubDomains; preload age 22636 x-cache HIT, MISS paypal-debug-id f2809021994e3 server-timing content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com content-length 4776 x-xss-protection 1; mode=block x-served-by cache-fra-eddf8230086-FRA, cache-fra-eddf8230086-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f2809021994e3-f1ed846f964b3971-01 x-timer S1700936262.776817,VS0,VE12 etag W/"366d-wuLZmL6+gOHhcfH2uHbbsz/pnyE" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=3600 origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges bytes x-cache-hits 1, 0
GET H2	200	buttons Show response www.paypal.com/smart/ Frame CFD7	399 KB 102 KB	396ms 395ms	Document text/html	151.101.1.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f9911182bf3ba&storageID=uid_b2c4c27287_mtg6mtc6nde&sessionID=uid_f4ad8c6fd2_mtg6mtc6nde&buttonSessionID=uid_45e869554f_mtg6mtc6nde&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612 Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b5b90c1de0e1b5f0c3d073ae2e1620296266c70a8ea14669680f0174f75a84cd Security Headers Name Value Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 accept-ranges bytes access-control-expose-headers Server-Timing cache-control max-age=0, no-cache, no-store, must-revalidate content-disposition inline content-encoding gzip content-security-policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp content-type text/html; charset=utf-8 date Sat, 25 Nov 2023 18:17:42 GMT dc ccg11-origin-www-1.paypal.com etag W/"63c12-6h0iVh5cWRcN2v04qWvL3HeXI+k" origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== p3p true paypal-debug-id f235321858446 permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") server-timing "traceparent;desc="00-0000000000000000000f235321858446-6ac4549380ef499d-01"";content-encoding;desc="gzip",x-cdn;desc="fastly" strict-transport-security max-age=63072000; includeSubDomains; preload traceparent 00-0000000000000000000f235321858446-d1bae007b5f6a550-01 vary Accept-Encoding via 1.1 varnish, 1.1 varnish x-cache MISS, MISS x-cache-hits 0, 0 x-content-type-options nosniff x-csrf-jwt __blank__ x-served-by cache-fra-eddf8230086-FRA, cache-fra-eddf8230086-FRA x-timer S1700936262.803069,VS0,VE389 x-xss-protection 1; mode=block
GET H2	200	paypal-white.svg www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 41D9	3 KB 2 KB	49ms 8ms	Image image/svg+xml	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-white.svg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CEB) / Resource Hash 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT paypal-debug-id 6f351d43d2f8e dc ccg11-origin-www-1.paypal.com content-length 1210 last-modified Tue, 04 Apr 2023 21:46:19 GMT server ECAcc (frc/4CEB) traceparent 00-00000000000000000006f351d43d2f8e-57db498aac5658a6-01 etag W/"642c9aab-cc2" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com expires Sat, 25 Nov 2023 19:17:41 GMT
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame C5C9	474 B 371 B	23ms 7ms	Fetch application/json	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash b5582d3ab4f541d6762b117247251827bc82574d3ee3a0601984427ea6fda7ad Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/controller-7a0683016419c80d48884f91b2560bbe.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding br via 1.1 varnish strict-transport-security max-age=31556926; includeSubDomains; preload age 5 x-cache HIT content-length 298 x-request-id a16e1dc0-ebc8-4dc0-9981-1fdd4d2a1bfb x-served-by cache-fra-eddf8230045-FRA last-modified Tue, 21 Nov 2023 22:18:21 GMT server Fastly etag "d8a586c7d9991279896cf65e3e3de724" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 5
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame C5C9	474 B 369 B	16ms 7ms	Fetch application/json	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash b5582d3ab4f541d6762b117247251827bc82574d3ee3a0601984427ea6fda7ad Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/controller-7a0683016419c80d48884f91b2560bbe.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding br via 1.1 varnish strict-transport-security max-age=31556926; includeSubDomains; preload age 5 x-cache HIT content-length 298 x-request-id 6685f360-a0c7-4d65-ac47-688f9919a7ca x-served-by cache-fra-eddf8230045-FRA last-modified Tue, 21 Nov 2023 22:18:21 GMT server Fastly etag "d8a586c7d9991279896cf65e3e3de724" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 7
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 4C0D	474 B 612 B	11ms 7ms	Fetch application/json	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash b5582d3ab4f541d6762b117247251827bc82574d3ee3a0601984427ea6fda7ad Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/controller-7a0683016419c80d48884f91b2560bbe.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding br via 1.1 varnish strict-transport-security max-age=31556926; includeSubDomains; preload age 5 x-cache HIT content-length 298 x-request-id 96c88ae8-a5dc-4757-b7af-cdaed8eb4a26 x-served-by cache-fra-eddf8230045-FRA last-modified Tue, 21 Nov 2023 22:18:21 GMT server Fastly etag "d8a586c7d9991279896cf65e3e3de724" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 7
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 4C0D	474 B 372 B	11ms 9ms	Fetch application/json	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash b5582d3ab4f541d6762b117247251827bc82574d3ee3a0601984427ea6fda7ad Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/controller-7a0683016419c80d48884f91b2560bbe.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding br via 1.1 varnish strict-transport-security max-age=31556926; includeSubDomains; preload age 5 x-cache HIT content-length 298 x-request-id 43109ce6-acce-4380-b95d-4d9c24dd120f x-served-by cache-fra-eddf8230045-FRA last-modified Tue, 21 Nov 2023 22:18:21 GMT server Fastly etag "d8a586c7d9991279896cf65e3e3de724" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 8
POST H2	200	/ Show response content.hotjar.io/	56 B 161 B	201ms 104ms	XHR application/json	54.154.38.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.hotjar.io/?gzip=1 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.28e3191d8757c557b4b7.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.154.38.49 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-154-38-49.eu-west-1.compute.amazonaws.com Software / Resource Hash 6e5704724b6a35dc4534bde3506eeb04d3e570afa401f545c47c6480147e08d8 Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers access-control-allow-origin * date Sat, 25 Nov 2023 18:17:42 GMT content-length 56 vary Origin content-type application/json
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 6C87	474 B 372 B	7ms 7ms	Fetch application/json	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash b5582d3ab4f541d6762b117247251827bc82574d3ee3a0601984427ea6fda7ad Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding br via 1.1 varnish strict-transport-security max-age=31556926; includeSubDomains; preload age 5 x-cache HIT content-length 298 x-request-id 973f5f37-f8a8-4665-9f4e-adaece330c96 x-served-by cache-fra-eddf8230045-FRA last-modified Tue, 21 Nov 2023 22:18:21 GMT server Fastly etag "d8a586c7d9991279896cf65e3e3de724" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 9
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame FD9C	474 B 373 B	6ms 6ms	Fetch application/json	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash b5582d3ab4f541d6762b117247251827bc82574d3ee3a0601984427ea6fda7ad Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding br via 1.1 varnish strict-transport-security max-age=31556926; includeSubDomains; preload age 5 x-cache HIT content-length 298 x-request-id 812f739a-b918-4043-a83a-f1df8d787039 x-served-by cache-fra-eddf8230045-FRA last-modified Tue, 21 Nov 2023 22:18:21 GMT server Fastly etag "d8a586c7d9991279896cf65e3e3de724" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 10
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame DAC5	474 B 373 B	8ms 8ms	Fetch application/json	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash b5582d3ab4f541d6762b117247251827bc82574d3ee3a0601984427ea6fda7ad Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 25 Nov 2023 18:17:41 GMT content-encoding br via 1.1 varnish strict-transport-security max-age=31556926; includeSubDomains; preload age 5 x-cache HIT content-length 298 x-request-id 36dd6c66-7c21-4cd4-81bc-a67f3fecdd5b x-served-by cache-fra-eddf8230045-FRA last-modified Tue, 21 Nov 2023 22:18:21 GMT server Fastly etag "d8a586c7d9991279896cf65e3e3de724" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 11
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	38ms 38ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-TL7TXTVCYL&gtm=45je3b81v9100514608&_p=1700936259488&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=19549956.1700936260&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1700936260&sct=1&seg=0&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&dt=UN%20World%20Food%20Programme%20(WFP)&en=scroll&epn.percent_scrolled=90&_et=6&tfd=3624 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:41 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	37ms 37ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-TL7TXTVCYL&gtm=45je3b81v9100514608&_p=1700936259488&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=19549956.1700936260&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&dr=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&sid=1700936260&sct=1&seg=1&dt=UN%20World%20Food%20Programme%20(WFP)&en=page_view&_c=1&_et=1763&up.hjuid=7224afce&tfd=3624 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:41 GMT server Golfe2 content-type text/plain access-control-allow-origin https://donate.wfp.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	anchor Show response www.recaptcha.net/recaptcha/api2/ Frame A59C	60 KB 34 KB	77ms 77ms	Document text/html	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=t60icy42mpru Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 2f1c1626bd0aa455dc4e701707d2c05b4616abe943db5f2c1113d17d0b5ef366 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-XOYKzBwMjuleR0EbhpswBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-XOYKzBwMjuleR0EbhpswBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 25 Nov 2023 18:17:42 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	200	wallet-config Show response merchant-ui-api.stripe.com/elements/ Frame C5C9	2 KB 3 KB	346ms 273ms	Fetch application/json	34.252.74.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://merchant-ui-api.stripe.com/elements/wallet-config Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.252.74.21 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-74-21.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 73beb4847dbb42dda77dd55588b4c6052424e19fb3fef25da6200f706894842e Security Headers Name Value Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 25 Nov 2023 18:17:42 GMT content-security-policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self' strict-transport-security max-age=63072000; includeSubDomains; preload cross-origin-resource-policy same-site content-length 2196 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx access-control-max-age 300 access-control-allow-methods GET, POST content-type application/json; charset=UTF-8 access-control-allow-origin https://js.stripe.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin access-control-allow-headers x-stripe-csrf-token cross-origin-opener-policy-report-only same-origin; report-to=https://q.stripe.com/coop-report expires 0
GET H3	200	/ www.google.de/pagead/1p-conversion/481751819/ Frame C599 Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481751819/?random=1619105394&cv=9&fst=1700936261694&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=3756032... https://www.google.com/pagead/1p-conversion/481751819/?random=1619105394&cv=9&fst=1700936261694&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C5122... https://www.google.de/pagead/1p-conversion/481751819/?random=1619105394&cv=9&fst=1700936261694&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C51224...	42 B 64 B	73ms 72ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/481751819/?random=1619105394&cv=9&fst=1700936261694&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPau96zh34IDFZXJOwIdhW8LIA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D6386469586138%3Bauiddc%3D477449509.1700936260%3Bgtm%3D45fe3b81%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%2526%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIzoypreHfggMVa6D9Bx2TRQOk&is_vtc=1&ocp_id=RTpiZY7WK-vA9u8Pk4uNoAo&cid=CAQSKQDICaaNzJteZLktHKP3KQg_5UTgGb_yB8hJYe_COx22yodG2peDpfJr&random=375539760&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hBKEBi1igRimJ7QvC2q64yFdOSVwEAhA3YOxqFR24HTwPxEymbA-QwTjmFh2aX77F0baN7KWwE7uh3r3QTPNtp3 Requested by Host: 10390555.fls.doubleclick.net URL: https://10390555.fls.doubleclick.net/activityi;dc_pre=CPau96zh34IDFZXJOwIdhW8LIA;src=10390555;type=rem0;cat=allp;ord=6386469586138;auiddc=477449509.1700936260;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26? Protocol H3 Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://10390555.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:42 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 25 Nov 2023 18:17:42 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/pagead/1p-conversion/481751819/?random=1619105394&cv=9&fst=1700936261694&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCPau96zh34IDFZXJOwIdhW8LIA%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D6386469586138%3Bauiddc%3D477449509.1700936260%3Bgtm%3D45fe3b81%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%2526%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIzoypreHfggMVa6D9Bx2TRQOk&is_vtc=1&ocp_id=RTpiZY7WK-vA9u8Pk4uNoAo&cid=CAQSKQDICaaNzJteZLktHKP3KQg_5UTgGb_yB8hJYe_COx22yodG2peDpfJr&random=375539760&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hBKEBi1igRimJ7QvC2q64yFdOSVwEAhA3YOxqFR24HTwPxEymbA-QwTjmFh2aX77F0baN7KWwE7uh3r3QTPNtp3 content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	events Show response events.getsitectrl.com/api/v1/	609 B 857 B	323ms 102ms	Fetch text/plain	34.206.188.88 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://events.getsitectrl.com/api/v1/events?query=campaign%3D1517 Requested by Host: s2.getsitecontrol.com URL: https://s2.getsitecontrol.com/widgets/es6/runtime.efcf714.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.206.188.88 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-206-188-88.compute-1.amazonaws.com Software Getsitecontrol / Resource Hash f476a9dccee8b8adc1369d5d70005095e2bae2284986683f3585b3a0ec2fe3d6 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:42 GMT server Getsitecontrol access-control-allow-methods GET,POST content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control private, no-cache access-control-allow-credentials false access-control-allow-headers Content-Type,X-Requested-With content-length 609
GET H2	451	501709.gif idsync.rlcdn.com/ Frame D340 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529016365454&referrer=https%3A%2F%2Fadservice.google.com%2F&forward= https://p.rfihub.com/cm?pub=39342&in=0&userid=d22154c6-2948-4223-a659-dd83c19d0952%3A1700936262.1505668&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd22154c6-2948-4223-a659-dd83c19... https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529016365454&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd22154c6-2948-4223-a6... https://idsync.rlcdn.com/501709.gif?partner_uid=d22154c6-2948-4223-a659-dd83c19d0952%3A1700936262.1505668&_=1700936262.1520758	0 42 B	21ms 20ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=d22154c6-2948-4223-a659-dd83c19d0952%3A1700936262.1505668&_=1700936262.1520758 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront) server lighttpd/1.4.69 x-amz-cf-pop FRA56-C2 vary Cookie x-cache Miss from cloudfront content-type text/html; charset=utf-8 location https://idsync.rlcdn.com/501709.gif?partner_uid=d22154c6-2948-4223-a659-dd83c19d0952%3A1700936262.1505668&_=1700936262.1520758 content-length 447 x-amz-cf-id 2SZZXYCzvNa_izppyXq3iXo8eMkpro7jaEuiKVwgMfQ-k06PnkUcKA==
GET H3	451	501709.gif idsync.rlcdn.com/ Frame D340 Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyOTAxNjM2NTQ1NA==&forward= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESECCK2xIm-c99o7rrHr4fybc&google_cver=1 https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529016365454&referrer={encSite}&forward= https://p.rfihub.com/cm?pub=39342&in=0&userid=d22154c6-2948-4223-a659-dd83c19d0952%3A1700936262.1505668&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd22154c6-2948-4223-a659-dd83c19... https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329529016365454&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd22154c6-2948-4223-a6... https://idsync.rlcdn.com/501709.gif?partner_uid=d22154c6-2948-4223-a659-dd83c19d0952%3A1700936262.1505668&_=1700936262.314138	0 9 B	24ms 24ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=d22154c6-2948-4223-a659-dd83c19d0952%3A1700936262.1505668&_=1700936262.314138 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront) server lighttpd/1.4.69 x-amz-cf-pop FRA56-C2 vary Cookie x-cache Miss from cloudfront content-type text/html; charset=utf-8 location https://idsync.rlcdn.com/501709.gif?partner_uid=d22154c6-2948-4223-a659-dd83c19d0952%3A1700936262.1505668&_=1700936262.314138 content-length 445 x-amz-cf-id Hp1hmqj7wAoe9G9UtbRldIXxfK85UjHVgpIoXz2-7EQLHKT247zZBg==
GET H2	200	bounce ib.adnxs.com/ Frame D340 Redirect Chain https://ib.adnxs.com/setuid?entity=18&code=5133329529016365454 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329529016365454	43 B 887 B	15ms 15ms	Image image/gif	185.89.210.82 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329529016365454 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H2 Server 185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:42 GMT an-x-request-uuid 94a75955-e60f-4306-b57f-0b2b44fb9aab server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 185.213.155.163; 185.213.155.163; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 25 Nov 2023 18:17:42 GMT an-x-request-uuid 81b92b84-a45a-437f-abe1-428475aabaf8 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329529016365454 cache-control no-store, no-cache, private x-proxy-origin 185.213.155.163; 185.213.155.163; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	demconf.jpg dpm.demdex.net/ Frame D340 Redirect Chain https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329529016365454&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329529016365454&redir=	42 B 717 B	31ms 31ms	Image image/gif	99.81.155.62 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329529016365454&redir= Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H2 Server 99.81.155.62 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-155-62.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers dcs dcs-prod-irl1-1-v054-04bfcd41e.edge-irl1.demdex.com 2 ms pragma no-cache date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid cmpNSX56Tps= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers dcs dcs-prod-irl1-2-v054-03a8f348b.edge-irl1.demdex.com 0 ms pragma no-cache date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid Tdhw0Q1nRYg= p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329529016365454&redir= cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame D340	0 225 B	65ms 14ms	Image text/html	198.47.127.205 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5133329529016365454&r= Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Sat, 25 Nov 2023 18:17:41 GMT cache-control no-store, no-cache, private content-encoding gzip server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sd us-u.openx.net/w/1.0/ Frame D340	43 B 273 B	55ms 20ms	Image image/gif	35.244.159.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537073062&val=5133329529016365454&r= Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	match ps.eyeota.net/ Frame D340 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5133329529016365454&bid=omt9pi0	0 344 B	44ms 8ms	Image text/plain	3.127.178.105 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5133329529016365454&bid=omt9pi0 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol HTTP/1.1 Server 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-178-105.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 25 Nov 2023 18:17:42 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5133329529016365454&bid=omt9pi0 Date Sat, 25 Nov 2023 18:17:42 GMT Server Jetty(9.4.51.v20230217) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame D340	53 B 616 B	141ms 112ms	Image image/gif	23.218.208.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5133329529016365454 Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-23.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Sat, 25 Nov 2023 18:17:42 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store content-length 53 x-mnet-hl2 E expires Sat, 25 Nov 2023 18:17:42 GMT
GET H2	200	/ bpi.rtactivate.com/tag/ Frame D340	43 B 109 B	417ms 130ms	Image image/gif	3.230.136.68 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5133329529016365454 Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.230.136.68 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-230-136-68.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:42 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H2	200	rum dsum-sec.casalemedia.com/ Frame D340 Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329529016365454&forward= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329529016365454&forward=&C=1	43 B 338 B	32ms 32ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329529016365454&forward=&C=1 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:42 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sjs0SQMz2kTDS%2B84DSmfy8upwTtvq2P8%2B9NQRW13wJDMh26wu977PYj7UUS02RlVltlXe8Zuh8t7IcNjgbuqXlcKe70ysdpHVzWwNcZ7912NnMVRSXWIBOVN%2Fey%2B3kgkdCsGFJj75HsXng%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 82bbe3d63a611daa-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 25 Nov 2023 18:17:42 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOZhvh7mNZRJzjmUf9imDcT7SQR4nOgMRExMDzfBO1HFIiLfpVfQk6bVRSUc%2BVgtA8FV0pLh6bpdSs4FMuLIQmfSQOHzL5p%2Bg2eMAZp4q0Zqdj8p4xqHY9a7H2NkPoPKSWXhKrXYmQVD8g%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=57&external_user_id=5133329529016365454&forward=&C=1 cache-control no-cache cf-ray 82bbe3d60a191daa-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H2	451	360947.gif idsync.rlcdn.com/ Frame D340	0 98 B	97ms 34ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5133329529016365454 Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame D340	43 B 182 B	247ms 203ms	Image image/gif	69.192.160.219 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5133329529016365454 Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a69-192-160-219.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers expires Sat, 25 Nov 2023 18:17:42 GMT pragma no-cache date Sat, 25 Nov 2023 18:17:42 GMT cache-control max-age=0, no-cache, no-store strict-transport-security max-age=2628000 content-length 43 content-type image/gif
GET H2	200	sync partners.tremorhub.com/ Frame D340	43 B 175 B	343ms 102ms	Image image/gif	2600:1f18:612b:4216:c60f:823f:3002:28a0 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5133329529016365454&r=yEekR1kIS28r Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4216:c60f:823f:3002:28a0 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Sat, 25 Nov 2023 18:17:42 GMT server nginx content-type image/gif
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame D340	43 B 377 B	35ms 8ms	Image image/gif	18.195.188.44 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5133329529016365454 Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.188.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-188-44.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:42 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame D340	0 337 B	104ms 30ms	Image text/plain	108.128.36.0 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5133329529016365454 Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.36.0 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-36-0.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-served-by beacon-n006-dub-prod.krxd.net date Sat, 25 Nov 2023 18:17:42 GMT cache-control private, no-cache, no-store x-request-time D=31 t=1700936262 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	sync x.bidswitch.net/ Frame D340	43 B 146 B	144ms 7ms	Image image/gif	18.159.232.130 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329529016365454&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} Requested by Host: 5499309.fls.doubleclick.net URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CKyowazh34IDFUnLOwIdZmAD1Q;src=5499309;type=sitev00;cat=wfpor0;ord=339475215097;auiddc=477449509.1700936260;gtm=45He3b81v6630861;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.159.232.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-232-130.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:42 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H/1.1	200 OK	cm p.rfihub.com/ Frame D340 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZWI6RgACSdkYFQAM https://p.rfihub.com/cm?in=1&pub=21653&userid=ZWI6RgACSdkYFQAM&_test=ZWI6RgACSdkYFQAM	42 B 1 KB	15ms 15ms	Image image/gif	193.0.160.130 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=ZWI6RgACSdkYFQAM&_test=ZWI6RgACSdkYFQAM Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol HTTP/1.1 Server 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20777079p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/gif Date Sat, 25 Nov 2023 18:17:42 GMT Cache-Control no-cache Server Jetty(9.4.51.v20230217) Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers x-served-by cache-fra-eddf8230024-FRA pragma no-cache date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 varnish server Varnish x-timer S1700936262.324314,VS0,VE0 x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=ZWI6RgACSdkYFQAM&_test=ZWI6RgACSdkYFQAM cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	564ms 545ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486478 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262485801 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 272 B	408ms 389ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312675 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1700936262311850 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 271 B	395ms 376ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312416 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262311940 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 272 B	396ms 377ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312611 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262311945 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 272 B	407ms 389ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312668 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262312049 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	537ms 519ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485498 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262485354 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	565ms 547ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485727 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1700936262485294 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	537ms 519ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485713 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262485370 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	553ms 535ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485853 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262485615 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	551ms 534ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486089 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262485663 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	563ms 546ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486493 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262485705 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	533ms 516ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262484762 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262484528 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	540ms 524ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485332 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262484787 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	530ms 514ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485038 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262484821 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	538ms 522ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485035 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262484917 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	561ms 546ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485098 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1700936262484866 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	530ms 514ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485119 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262484967 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	534ms 518ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485178 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262484925 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	551ms 536ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485525 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262484946 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	538ms 523ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485544 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262485033 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	538ms 523ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485739 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262485198 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	549ms 534ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485492 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262485263 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 272 B	392ms 378ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312448 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262312161 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 271 B	404ms 390ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312730 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1700936262312194 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 271 B	402ms 388ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312818 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262312201 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 271 B	402ms 388ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312919 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262312296 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 272 B	391ms 377ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312386 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262312236 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	538ms 525ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262484891 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1700936262484407 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 271 B	402ms 388ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312442 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1700936262311992 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 271 B	389ms 376ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312326 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262312032 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 271 B	402ms 390ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312640 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1700936262312059 access-control-allow-credentials true content-length 0
POST H2	200	wallet-config Show response merchant-ui-api.stripe.com/elements/ Frame 4C0D	2 KB 3 KB	319ms 271ms	Fetch application/json	34.252.74.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://merchant-ui-api.stripe.com/elements/wallet-config Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.252.74.21 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-74-21.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash fa1b020be927b61a3768eb9a9c717e9dc2110ebb047f6eb7d1eb9fd3f21253a4 Security Headers Name Value Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self' Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 25 Nov 2023 18:17:42 GMT content-security-policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self' strict-transport-security max-age=63072000; includeSubDomains; preload cross-origin-resource-policy same-site content-length 2196 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx access-control-max-age 300 access-control-allow-methods GET, POST content-type application/json; charset=UTF-8 access-control-allow-origin https://js.stripe.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin access-control-allow-headers x-stripe-csrf-token cross-origin-opener-policy-report-only same-origin; report-to=https://q.stripe.com/coop-report expires 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 272 B	389ms 377ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312646 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262312135 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	543ms 534ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262484725 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1700936262484460 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 271 B	399ms 390ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312492 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1700936262312211 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 272 B	397ms 389ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312769 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262312116 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	523ms 516ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262484716 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262484579 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 271 B	383ms 376ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262312503 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262312122 access-control-allow-credentials true content-length 0
GET H3	200	/ www.google.com/pagead/1p-user-list/597680250/	42 B 64 B	76ms 76ms	Image image/gif	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/597680250/?random=1700936261731&cv=11&fst=1700935200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9171398942&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&frm=0&tiba=UN%20World%20Food%20Programme%20(WFP)&data=event%3Ddetect_user%3Bevent_category%3DHotjar%3Bevent_label%3D7224afce%3Bnon_interaction%3Dtrue&fmt=3&is_vtc=1&cid=CAQSKQDICaaNez1e-FjuYYYaYSz8z5kSlQENsfRba05x96_gUs5D5ACmXoUR&random=2746312942&rmt_tld=0&ipr=y Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:42 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/597680250/	42 B 64 B	68ms 67ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/597680250/?random=1700936261731&cv=11&fst=1700935200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9171398942&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&frm=0&tiba=UN%20World%20Food%20Programme%20(WFP)&data=event%3Ddetect_user%3Bevent_category%3DHotjar%3Bevent_label%3D7224afce%3Bnon_interaction%3Dtrue&fmt=3&is_vtc=1&cid=CAQSKQDICaaNez1e-FjuYYYaYSz8z5kSlQENsfRba05x96_gUs5D5ACmXoUR&random=2746312942&rmt_tld=1&ipr=y Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Sat, 25 Nov 2023 18:17:42 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	muse.js Show response www.paypalobjects.com/muse/	55 KB 16 KB	9ms 9ms	Script application/javascript	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/muse/muse.js Requested by Host: www.paypal.com URL: https://www.paypal.com/tagmanager/pptm.js?id=donate.wfp.org&t=xo&v=5.0.410&source=payments_sdk&client_id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disableSetCookie=true&vault=false Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CA9) / Resource Hash 20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:42 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT paypal-debug-id d6c6e2a824ed5 dc ccg11-origin-www-1.paypal.com content-length 16488 last-modified Fri, 01 Sep 2023 21:10:59 GMT server ECAcc (frc/4CA9) traceparent 00-0000000000000000000d6c6e2a824ed5-0870fa35d9474956-01 etag "64f25363-daa8" vary Accept-Encoding content-type application/javascript cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com expires Sat, 25 Nov 2023 19:17:42 GMT
GET H2	200	ts t.paypal.com/	42 B 511 B	192ms 155ms	Image image/gif	151.101.65.35 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AZ2YYMM8UVWX3A-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AZ2YYMM8UVWX3A-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=cb71c1d9-41a7-416c-91f5-405984c59fba&fltp=analytics&mrid=Z2YYMM8UVWX3A&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=UN%20World%20Food%20Programme%20(WFP)&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1700936262058&g=-60&completeurl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&disableSetCookie=true Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.35 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-cache-hits 0 date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 varnish strict-transport-security max-age=63072000; includeSubDomains; preload x-cache MISS p3p CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id 7560deb7bb633 server-timing content-encoding;desc="",x-cdn;desc="fastly" x-served-by cache-fra-eddf8230050-FRA pragma no-cache correlation-id 7560deb7bb633 traceparent 00-00000000000000000007560deb7bb633-3e452d3c2a0f1024-01 x-timer S1700936262.100197,VS0,VE148 vary Accept-Encoding content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes timing-allow-origin * expires Sat, 25 Nov 2023 18:17:42 GMT
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 6C87	474 B 396 B	6ms 6ms	Fetch application/json	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash b5582d3ab4f541d6762b117247251827bc82574d3ee3a0601984427ea6fda7ad Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-card-945b3142710d6a867ce4eae94a4065b8.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 25 Nov 2023 18:17:42 GMT content-encoding br via 1.1 varnish strict-transport-security max-age=31556926; includeSubDomains; preload age 5 x-cache HIT content-length 298 x-request-id 4917ee81-126f-41fb-a9e5-99461180a37a x-served-by cache-fra-eddf8230045-FRA last-modified Tue, 21 Nov 2023 22:18:21 GMT server Fastly etag "d8a586c7d9991279896cf65e3e3de724" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 12
GET H2	200	font-hotjar_5.65042d.woff2 script.hotjar.com/	2 KB 3 KB	42ms 14ms	Font font/woff2	13.227.219.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/font-hotjar_5.65042d.woff2 Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.28 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-28.ams54.r.cloudfront.net Software / Resource Hash fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 01 Sep 2023 23:49:20 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 3542cbb3a5773810405fca7ba271be44.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 7324102 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Fri, 01 Sep 2023 09:38:54 GMT etag "c9fb9163f8b7be37023ebe649688bebf" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 x-robots-tag none x-amz-cf-id 38BAq_LbrvFdzfTVxTt3vmdsC6d1fOqlgH4UQZM-vnLcCS4Mlgxxcw==
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	532ms 532ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486466 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1700936262485887 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	534ms 534ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486347 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1700936262485744 access-control-allow-credentials true content-length 0
GET H2	200	payframe Show response pay.google.com/gp/p/ui/ Frame 5908	19 KB 8 KB	98ms 98ms	Document text/html	2a00:1450:400c:c02::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid= Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/js/pay.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 46b09630157ad786bef61839e48dac1f0482c49d13ed96fccf8a13a0ac29f5a0 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-cVtgWETW7llJWWEa4uWAsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=3600 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-cVtgWETW7llJWWEa4uWAsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport content-type text/html; charset=utf-8 cross-origin-opener-policy same-origin cross-origin-resource-policy same-site date Sat, 25 Nov 2023 18:17:42 GMT expires Sat, 25 Nov 2023 18:17:42 GMT permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* server ESF strict-transport-security max-age=31536000 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-content-type-options nosniff x-ua-compatible IE=edge x-xss-protection 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	515ms 514ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262485983 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1700936262485778 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	486ms 486ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486053 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262485790 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	485ms 485ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486499 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262485954 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	495ms 495ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486532 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262486081 access-control-allow-credentials true content-length 0
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame A59C	55 KB 24 KB	160ms 52ms	Stylesheet text/css	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=t60icy42mpru Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 14:00:04 GMT content-encoding gzip x-content-type-options nosniff age 15458 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 24 Nov 2024 14:00:04 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame A59C	468 KB 188 KB	188ms 80ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=t60icy42mpru Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 15:01:59 GMT content-encoding gzip x-content-type-options nosniff age 11743 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192016 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 24 Nov 2024 15:01:59 GMT
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	503ms 503ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486538 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262486142 access-control-allow-credentials true content-length 0
GET H2	200	index.html Show response www.paypalobjects.com/muse/analytics/ Frame 3BE3	55 KB 17 KB	9ms 9ms	Document text/html	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/muse/analytics/index.html Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/muse/muse.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CBF) / Resource Hash 7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control s-maxage=31536000, public,max-age=3600 content-encoding gzip content-length 16892 content-type text/html date Sat, 25 Nov 2023 18:17:42 GMT dc ccg11-origin-www-1.paypal.com etag "64f25363-dacc" expires Sat, 25 Nov 2023 19:17:42 GMT last-modified Fri, 01 Sep 2023 21:10:59 GMT paypal-debug-id 18d54de39cdca server ECAcc (frc/4CBF) strict-transport-security max-age=63072000; includeSubDomains; preload timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com traceparent 00-000000000000000000018d54de39cdca-e79fc52226561604-01 vary Accept-Encoding x-cache HIT x-content-type-options nosniff
POST H2	200	0 Show response r.stripe.com/ Frame 6C87	0 273 B	484ms 484ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486193 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262485888 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 6C87	0 273 B	506ms 506ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486726 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262486125 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 6C87	0 272 B	494ms 494ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486787 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262486120 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	506ms 506ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486489 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1700936262486136 access-control-allow-credentials true content-length 0
GET H2	200	noop.js Show response www.paypalobjects.com/muse/ Frame 3BE3	18 B 211 B	176ms 176ms	Fetch application/javascript	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/muse/noop.js Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/muse/analytics/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (daa/7D46) / Resource Hash 0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypalobjects.com/muse/analytics/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff paypal-debug-id d9924799ddc2e dc ccg11-origin-www-1.paypal.com content-length 18 last-modified Sat, 13 Feb 2021 00:26:56 GMT server ECAcc (daa/7D46) traceparent 00-0000000000000000000d9924799ddc2e-45ff8646f21955ba-01 etag "60271cd0-12" vary Accept-Encoding, Accept-Encoding content-type application/javascript cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com expires Sat, 25 Nov 2023 18:17:41 GMT
GET H2	200	ts t.paypal.com/	42 B 167 B	166ms 166ms	Image image/gif	151.101.65.35 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AZ2YYMM8UVWX3A-1&page=muse%3Aoffer%3A%3A%3AZ2YYMM8UVWX3A-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=cb71c1d9-41a7-416c-91f5-405984c59fba&es=visitorInfoFlowStarted&mrid=Z2YYMM8UVWX3A&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=UN%20World%20Food%20Programme%20(WFP)&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1700936262137&g=-60&completeurl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&disableSetCookie=true Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.35 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-cache-hits 0 date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 varnish strict-transport-security max-age=63072000; includeSubDomains; preload x-cache MISS p3p CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id 578847084e9f4 server-timing content-encoding;desc="",x-cdn;desc="fastly" x-served-by cache-fra-eddf8230050-FRA pragma no-cache correlation-id 578847084e9f4 traceparent 00-0000000000000000000578847084e9f4-59ec281d88a0223f-01 x-timer S1700936262.143451,VS0,VE158 vary Accept-Encoding content-type image/gif cache-control max-age=0, no-cache, no-store, must-revalidate accept-ranges bytes timing-allow-origin * expires Sat, 25 Nov 2023 18:17:42 GMT
GET H2	200	js Show response www.paypal.com/sdk/ Frame CFD7	291 KB 79 KB	27ms 26ms	Script application/javascript	151.101.1.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR Requested by Host: www.paypal.com URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f9911182bf3ba&storageID=uid_b2c4c27287_mtg6mtc6nde&sessionID=uid_f4ad8c6fd2_mtg6mtc6nde&buttonSessionID=uid_45e869554f_mtg6mtc6nde&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b4aed8f020fd953f1d3cb7ff9ca54872f591003be889e6008617ada390c83d27 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Ylm0inaiRKXfw+xJg38ZXY9wUFF7usotkwJ74VvibDaFYScO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Ylm0inaiRKXfw+xJg38ZXY9wUFF7usotkwJ74VvibDaFYScO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f9911182bf3ba&storageID=uid_b2c4c27287_mtg6mtc6nde&sessionID=uid_f4ad8c6fd2_mtg6mtc6nde&buttonSessionID=uid_45e869554f_mtg6mtc6nde&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Ylm0inaiRKXfw+xJg38ZXY9wUFF7usotkwJ74VvibDaFYScO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Ylm0inaiRKXfw+xJg38ZXY9wUFF7usotkwJ74VvibDaFYScO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp content-encoding gzip x-content-type-options nosniff disable-set-cookie true via 1.1 varnish, 1.1 varnish date Sat, 25 Nov 2023 18:17:42 GMT age 5661 strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT, MISS p3p true paypal-debug-id f59179709ba00 server-timing "traceparent;desc="00-0000000000000000000f59179709ba00-a0d5d4544aa779af-01"";content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com content-length 79334 x-xss-protection 1; mode=block x-served-by cache-fra-eddf8230086-FRA, cache-fra-eddf8230086-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f59179709ba00-e59e7c252c2c95b1-01 x-timer S1700936262.205990,VS0,VE18 etag W/"135e6-CsGXhwDtXnchoovZ7TXOnY21MYI" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Server-Timing cache-control public, max-age=3600, s-maxage=10800 origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges bytes x-cache-hits 2, 0
GET H3	200	m=_b,_tp Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 5908	159 KB 56 KB	227ms 214ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri-q2AyGdG4pfctk2Ymn9GaZnMncQ/m=_b,_tp Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0d641cd345ecb8a76c6c52db24e446414e58e1ea3b3de1e6962a277fd5a86858 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 15:09:07 GMT content-encoding gzip x-content-type-options nosniff age 97715 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57479 x-xss-protection 0 last-modified Wed, 15 Nov 2023 07:33:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sat, 23 Nov 2024 15:09:07 GMT
GET DATA	200 OK	truncated / Frame CFD7	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
POST H3	404	cspreport pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 5908	2 KB 2 KB	151ms 151ms	Other text/html	2a00:1450:400c:c02::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101 Request headers Referer https://pay.google.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT referrer-policy no-referrer alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1608 content-type text/html; charset=UTF-8
POST H2	200	graphql Show response www.paypal.com/targeting/ Frame 3BE3	435 B 1 KB	262ms 262ms	Fetch application/json	151.101.1.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/targeting/graphql?disableSetCookie=true Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/muse/analytics/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c17dac4c909e3146dff5c35805324f4a0d59f89d81e56faedda0b40dd5c445bc Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-gbEuyc+IpI5Bw272l3ScNLCM0H2X/K++tXq0xGMBU7bTzTGc' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.paypalobjects.com/ disable-set-cookie true accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-gbEuyc+IpI5Bw272l3ScNLCM0H2X/K++tXq0xGMBU7bTzTGc' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; content-encoding gzip via 1.1 varnish, 1.1 varnish date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-cache MISS, MISS paypal-debug-id f425631337655 server-timing content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com x-xss-protection 1; mode=block x-served-by cache-fra-eddf8230086-FRA, cache-fra-eddf8230086-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f425631337655-0b0e846c4aa8a70e-01 x-timer S1700936263.517448,VS0,VE249 etag W/"1b3-hWqRVrItDjq33zYc+jhHtG9dZ84" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://www.paypalobjects.com access-control-expose-headers Paypal-Debug-Id cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges bytes x-cache-hits 0, 0
OPTIONS H2	204	graphql www.paypal.com/targeting/ Frame	0 0	191ms 178ms	Preflight	151.101.1.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/targeting/graphql?disableSetCookie=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers content-type,disable-set-cookie Access-Control-Request-Method POST Origin https://www.paypalobjects.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 accept-ranges bytes access-control-allow-credentials true access-control-allow-headers content-type,disable-set-cookie access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://www.paypalobjects.com access-control-expose-headers Paypal-Debug-Id cache-control max-age=0, no-cache, no-store, must-revalidate date Sat, 25 Nov 2023 18:17:42 GMT dc ccg11-origin-www-1.paypal.com origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== paypal-debug-id f23532172226f permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") server-timing content-encoding;desc="",x-cdn;desc="fastly" strict-transport-security max-age=63072000; includeSubDomains; preload traceparent 00-0000000000000000000f23532172226f-b44f57761c7cd380-01 via 1.1 varnish, 1.1 varnish x-cache MISS, MISS x-cache-hits 0, 0 x-served-by cache-fra-eddf8230025-FRA, cache-fra-eddf8230025-FRA x-timer S1700936262.334780,VS0,VE171
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	213ms 213ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486542 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262486261 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	249ms 249ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486838 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1700936262486219 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	235ms 235ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486941 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262486177 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	248ms 248ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486436 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1700936262486181 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	246ms 245ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486498 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1700936262486204 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	232ms 232ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486950 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262486234 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	245ms 245ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262487003 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1700936262486329 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame 4C0D	0 273 B	244ms 244ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262487016 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262486396 access-control-allow-credentials true content-length 0
GET H2	200	phone-numbers-lib-f19807cd8cf5390c9afa641cb061e0d6.js Show response js.stripe.com/v3/fingerprinted/js/	129 KB 35 KB	9ms 9ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-f19807cd8cf5390c9afa641cb061e0d6.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash bd3305cbe248a3e41e6515b13252574e43ca28e21b1a768cae80e883199763c0 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 varnish age 3349212 x-cache HIT content-length 36129 x-request-id 12fab4c7-4ce2-4787-8856-b34d54eaa303 x-served-by cache-fra-eddf8230042-FRA last-modified Thu, 12 Oct 2023 20:01:48 GMT server Fastly etag "7b4e2a05caba7714610def4c9240cad9" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 11255
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	252ms 252ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486670 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1700936262486404 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	217ms 217ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262486656 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262486516 access-control-allow-credentials true content-length 0
POST H2	200	logger Show response www.paypal.com/xoplatform/logger/api/ Frame CFD7	1 KB 1 KB	200ms 199ms	XHR application/json	151.101.1.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4a262b3e758ff6a4b074d320b14b573ea42c7a3460612b5c480396938e2d11ee Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept application/json Referer https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f9911182bf3ba&storageID=uid_b2c4c27287_mtg6mtc6nde&sessionID=uid_f4ad8c6fd2_mtg6mtc6nde&buttonSessionID=uid_45e869554f_mtg6mtc6nde&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 content-type application/json Response headers date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-cache MISS, MISS paypal-debug-id f235321180a80 server-timing content-encoding;desc="br",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com x-served-by cache-fra-eddf8230086-FRA, cache-fra-eddf8230086-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f235321180a80-aca6953fa5baeca3-01 x-timer S1700936262.408667,VS0,VE192 etag W/"402-54HPbw970l4ZJVkFQXrma87qKoY" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://www.paypal.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges none x-cache-hits 0, 0
POST H2	200	logger www.paypal.com/xoplatform/logger/api/ Frame CFD7	1022 B 1 KB	217ms 217ms	Ping application/json	151.101.1.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true Requested by Host: www.paypal.com URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f9911182bf3ba&storageID=uid_b2c4c27287_mtg6mtc6nde&sessionID=uid_f4ad8c6fd2_mtg6mtc6nde&buttonSessionID=uid_45e869554f_mtg6mtc6nde&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 9b04541171d6a1000a9f3688b092e9f82c05f29e90e0173b28a50f3d756e428e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.410&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f9911182bf3ba&storageID=uid_b2c4c27287_mtg6mtc6nde&sessionID=uid_f4ad8c6fd2_mtg6mtc6nde&buttonSessionID=uid_45e869554f_mtg6mtc6nde&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-cache MISS, MISS paypal-debug-id f235321d13900 server-timing content-encoding;desc="br",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com x-served-by cache-fra-eddf8230086-FRA, cache-fra-eddf8230086-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f235321d13900-63ee9c463eef0f84-01 x-timer S1700936262.421539,VS0,VE210 etag W/"3fe-F8o9wpdtgYNkvTP80DndvKc4X80" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://www.paypal.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges none x-cache-hits 0, 0
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame A59C	2 KB 2 KB	52ms 51ms	Image image/png	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 20:04:28 GMT x-content-type-options nosniff age 425594 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Mon, 27 Nov 2023 20:04:28 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame A59C	15 KB 16 KB	167ms 52ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=t60icy42mpru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.recaptcha.net/ Origin https://www.recaptcha.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 02:58:03 GMT x-content-type-options nosniff age 55179 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Nov 2024 02:58:03 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame A59C	15 KB 15 KB	178ms 64ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=t60icy42mpru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.recaptcha.net/ Origin https://www.recaptcha.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 18:52:48 GMT x-content-type-options nosniff age 84294 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 23 Nov 2024 18:52:48 GMT
GET H3	200	webworker.js www.recaptcha.net/recaptcha/api2/ Frame A59C	102 B 135 B	62ms 62ms	Other text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=t60icy42mpru Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=t60icy42mpru User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Sat, 25 Nov 2023 18:17:42 GMT
GET H3	200	m=Das5Le Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.YXtBVX... Frame 5908	73 KB 27 KB	52ms 51ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.YXtBVXxVcck.L.B1.O/am=EIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriuTIfKJvcF0dHzmQsniDQ7pbD2jQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri-q2AyGdG4pfctk2Ymn9GaZnMncQ/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 747693094d8736b1d3c2f6997bd01af07b156db9bff54a8db587d3709955d943 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 10:11:56 GMT content-encoding gzip x-content-type-options nosniff age 29146 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27293 x-xss-protection 0 last-modified Tue, 14 Nov 2023 02:58:29 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sun, 24 Nov 2024 10:11:56 GMT
GET H3	200	pay Show response pay.google.com/gp/p/ui/ Frame 5908	1 MB 375 KB	104ms 104ms	XHR text/html	2a00:1450:400c:c02::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/pay Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri-q2AyGdG4pfctk2Ymn9GaZnMncQ/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 897d0a2fd7e4a5036a06ed9d306563437cd6db4e48779e49184fb9c1cb5cc906 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-nrAE-Okf8u08fUmOJFuYiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=31536000 content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-nrAE-Okf8u08fUmOJFuYiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist x-content-type-options nosniff cross-origin-resource-policy same-site alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 x-ua-compatible IE=edge accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy unsafe-none server ESF x-frame-options DENY vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 cache-control private, max-age=3600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Sat, 25 Nov 2023 18:17:42 GMT
GET H3	200	m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.YXtBVX... Frame 5908	9 KB 4 KB	52ms 51ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.YXtBVXxVcck.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriuTIfKJvcF0dHzmQsniDQ7pbD2jQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri-q2AyGdG4pfctk2Ymn9GaZnMncQ/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 22aff09a4899c48a59b0b6963e2fc945a674556db20ce9576b54fce2d1de0812 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 18:21:58 GMT content-encoding gzip x-content-type-options nosniff age 172544 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3731 x-xss-protection 0 last-modified Tue, 14 Nov 2023 02:58:29 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Fri, 22 Nov 2024 18:21:58 GMT
GET H3	200	m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.YXtBVX... Frame 5908	37 KB 14 KB	55ms 55ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.YXtBVXxVcck.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriuTIfKJvcF0dHzmQsniDQ7pbD2jQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri-q2AyGdG4pfctk2Ymn9GaZnMncQ/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 33024a69c55c2172b2db5fa2774cec3a2ca7c2e7775847edd69bdf4d358cc336 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 01:45:15 GMT content-encoding gzip x-content-type-options nosniff age 145947 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14131 x-xss-protection 0 last-modified Tue, 14 Nov 2023 02:58:29 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sat, 23 Nov 2024 01:45:15 GMT
POST H3	200	log Show response play.google.com/ Frame 5908	131 B 155 B	205ms 92ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri-q2AyGdG4pfctk2Ymn9GaZnMncQ/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Sat, 25 Nov 2023 18:17:42 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 25 Nov 2023 18:17:42 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	173ms 61ms	Preflight text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Sat, 25 Nov 2023 18:17:42 GMT expires Sat, 25 Nov 2023 18:17:42 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame 5908	131 B 155 B	206ms 92ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri-q2AyGdG4pfctk2Ymn9GaZnMncQ/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Sat, 25 Nov 2023 18:17:42 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 25 Nov 2023 18:17:42 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	172ms 60ms	Preflight text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Sat, 25 Nov 2023 18:17:42 GMT expires Sat, 25 Nov 2023 18:17:42 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame 5908	131 B 155 B	204ms 91ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri-q2AyGdG4pfctk2Ymn9GaZnMncQ/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Sat, 25 Nov 2023 18:17:42 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 25 Nov 2023 18:17:42 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	172ms 61ms	Preflight text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Sat, 25 Nov 2023 18:17:42 GMT expires Sat, 25 Nov 2023 18:17:42 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame 5908	131 B 155 B	205ms 93ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri-q2AyGdG4pfctk2Ymn9GaZnMncQ/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Sat, 25 Nov 2023 18:17:42 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 25 Nov 2023 18:17:42 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	172ms 62ms	Preflight text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Sat, 25 Nov 2023 18:17:42 GMT expires Sat, 25 Nov 2023 18:17:42 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame 5908	131 B 155 B	206ms 94ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri-q2AyGdG4pfctk2Ymn9GaZnMncQ/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Sat, 25 Nov 2023 18:17:42 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 25 Nov 2023 18:17:42 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	172ms 61ms	Preflight text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Sat, 25 Nov 2023 18:17:42 GMT expires Sat, 25 Nov 2023 18:17:42 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame 5908	131 B 155 B	202ms 90ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.MOKkx_he4kc.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri-q2AyGdG4pfctk2Ymn9GaZnMncQ/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ X-Goog-AuthUser 0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Sat, 25 Nov 2023 18:17:42 GMT content-encoding gzip server Playlog x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://pay.google.com p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers X-Playlog-Web content-length 131 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 25 Nov 2023 18:17:42 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	170ms 61ms	Preflight text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Sat, 25 Nov 2023 18:17:42 GMT expires Sat, 25 Nov 2023 18:17:42 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 272 B	178ms 178ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262636110 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262635946 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	177ms 177ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262636370 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262636165 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	178ms 178ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262637521 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262637328 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 274 B	201ms 201ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262637708 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 25 x-stripe-client-envoy-start-time-us 1700936262637540 access-control-allow-credentials true content-length 0
GET H2	200	elements-inner-payment-request-3fc1528b91664a08f81a91b3e1b4fb94.html Show response js.stripe.com/v3/ Frame D006	820 B 1 KB	7ms 6ms	Document text/html	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-payment-request-3fc1528b91664a08f81a91b3e1b4fb94.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 9c844b7f19deac038ac61911e45076cdd9cfa593fd5edaa4c10dcce14450fc30 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 333108 cache-control max-age=31536000 content-encoding br content-length 370 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sat, 25 Nov 2023 18:17:42 GMT etag "3fc1528b91664a08f81a91b3e1b4fb94" last-modified Tue, 21 Nov 2023 21:42:46 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 3653 x-content-type-options nosniff x-request-id e81b00f3-c970-4a68-961b-65daa0232f7d x-served-by cache-fra-eddf8230042-FRA
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	178ms 178ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262640899 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262640605 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	178ms 177ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262640963 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262640813 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	197ms 197ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262658929 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 2 x-stripe-client-envoy-start-time-us 1700936262658407 access-control-allow-credentials true content-length 0
GET H2	200	shared-034cdd2c4682c3cd48f45db802391e97.js Show response js.stripe.com/v3/fingerprinted/js/ Frame D006	535 KB 130 KB	7ms 7ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-payment-request-3fc1528b91664a08f81a91b3e1b4fb94.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 0286be62eb9944622e77c19ff7eba24bdd3111aca9001e58b85be0cbd6c2fdd8 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-payment-request-3fc1528b91664a08f81a91b3e1b4fb94.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 varnish age 333167 x-cache HIT content-length 132379 x-request-id 4e560647-c92a-4c9a-b871-7ea94ce3af99 x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 21:42:59 GMT server Fastly etag "4adf041aecab7c994b8ef683544e9e0e" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 21
GET H2	200	ui-shared-2ddf66e67375be37473d6d987fe9e201.js Show response js.stripe.com/v3/fingerprinted/js/ Frame D006	388 KB 111 KB	8ms 7ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/ui-shared-2ddf66e67375be37473d6d987fe9e201.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-payment-request-3fc1528b91664a08f81a91b3e1b4fb94.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash af90523d06b85ca7a8713d86f68d7baad4d02cb692c7edaef254531ba4db0025 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-payment-request-3fc1528b91664a08f81a91b3e1b4fb94.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 varnish age 333108 x-cache HIT content-length 112985 x-request-id a0342996-7dcb-4f14-b866-3fecf3750441 x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 21 Nov 2023 21:43:00 GMT server Fastly etag "cd75a9c32c4069c83259ea8e3197aab5" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 10379
GET H2	200	elements-inner-payment-request-46209bf6864622de5f0f03cebb296322.js Show response js.stripe.com/v3/fingerprinted/js/ Frame D006	72 KB 25 KB	15ms 15ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-46209bf6864622de5f0f03cebb296322.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-payment-request-3fc1528b91664a08f81a91b3e1b4fb94.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 3b6a1c19d2ec36d6fe731ab808f95d57f10a09f8ba8972d19dda4e11b3067c6f Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-payment-request-3fc1528b91664a08f81a91b3e1b4fb94.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 varnish age 764701 x-cache HIT content-length 25803 x-request-id 36e69cc3-1842-45ef-a431-99e307600751 x-served-by cache-fra-eddf8230042-FRA last-modified Thu, 16 Nov 2023 21:48:58 GMT server Fastly etag "e50f60e5f34f9cda3db43b7e45bd2bb6" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 7326
GET H2	200	ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css js.stripe.com/v3/fingerprinted/css/ Frame D006	20 KB 3 KB	8ms 7ms	Stylesheet text/css	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-payment-request-3fc1528b91664a08f81a91b3e1b4fb94.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-payment-request-3fc1528b91664a08f81a91b3e1b4fb94.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 varnish age 1524978 x-cache HIT content-length 3304 x-request-id be18d2ac-5030-4981-8e2f-72f2bbcec8fd x-served-by cache-fra-eddf8230042-FRA last-modified Mon, 24 Jul 2023 20:23:04 GMT server Fastly etag "b361d7109e9925ca18e32c9da528520f" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 23925
GET H2	200	elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css js.stripe.com/v3/fingerprinted/css/ Frame D006	11 KB 3 KB	8ms 8ms	Stylesheet text/css	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/elements-inner-payment-request-3fc1528b91664a08f81a91b3e1b4fb94.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/elements-inner-payment-request-3fc1528b91664a08f81a91b3e1b4fb94.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 varnish age 934114 x-cache HIT content-length 2547 x-request-id 6aef1c97-f454-4b57-bb69-cac757b8371b x-served-by cache-fra-eddf8230042-FRA last-modified Tue, 22 Aug 2023 19:34:17 GMT server Fastly etag "828ee6578d45b518446bf74a1cc39038" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 8373
POST H2	200	csp-report q.stripe.com/ Frame D006	0 716 B	186ms 186ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262658850 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262658474 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame D006	0 716 B	185ms 185ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262658836 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262658503 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame D006	474 B 373 B	18ms 18ms	Fetch application/json	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash b5582d3ab4f541d6762b117247251827bc82574d3ee3a0601984427ea6fda7ad Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/v3/elements-inner-payment-request-3fc1528b91664a08f81a91b3e1b4fb94.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 25 Nov 2023 18:17:42 GMT content-encoding br via 1.1 varnish strict-transport-security max-age=31556926; includeSubDomains; preload age 5 x-cache HIT content-length 298 x-request-id 2cfab28c-c4c0-485d-9bf7-3af62b7d298c x-served-by cache-fra-eddf8230045-FRA last-modified Tue, 21 Nov 2023 22:18:21 GMT server Fastly etag "d8a586c7d9991279896cf65e3e3de724" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 13
GET H/1.1	200 OK	pstats.html Show response a.rfihub.com/ Frame D77A	26 B 962 B	16ms 16ms	Document text/html	193.0.160.130 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://a.rfihub.com/pstats.html?rb=27244&ca=20777079&ri=c1c33570a36dff8da9fcb24161b759ee&stats=%7B%2213488%22%3A%22560%2C2%22%2C%2217243%22%3A%2271%2C1%22%2C%2242261%22%3A%2270%2C1%22%2C%2250495%22%3A%22317%2C1%22%2C%2252220%22%3A%22109%2C1%22%2C%2253935%22%3A%22154%2C1%22%2C%2254497%22%3A%22139%2C1%22%2C%2254855%22%3A%2271%2C2%22%2C%2254863%22%3A%22425%2C1%22%2C%2255073%22%3A%22154%2C2%22%2C%2256659%22%3A%22289%2C1%22%2C%2256885%22%3A%22109%2C2%22%2C%2257347%22%3A%22210%2C2%22%2C%2257363%22%3A%22315%2C1%22%2C%2258143%22%3A%22143%2C1%22%2C%2258553%22%3A%22382%2C2%22%2C%2258561%22%3A%22432%2C1%22%7D&ra=07227535839410715 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.4.51.v20230217) / Resource Hash f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623 Request headers Referer https://5499309.fls.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Length 26 Content-Type text/html;charset=iso-8859-1 Date Sat, 25 Nov 2023 18:17:42 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.4.51.v20230217)
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	179ms 179ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262725869 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262725727 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 271 B	180ms 178ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262732702 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262732208 access-control-allow-credentials true content-length 0
GET H2	200	m-outer-27c67c0d52761104439bb051c7856ab1.html Show response js.stripe.com/v3/ Frame 9FF6	200 B 804 B	7ms 6ms	Document text/html	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://donate.wfp.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 1525215 cache-control max-age=31536000 content-encoding br content-length 154 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sat, 25 Nov 2023 18:17:42 GMT etag "27c67c0d52761104439bb051c7856ab1" last-modified Fri, 08 Sep 2023 21:23:50 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 373345 x-content-type-options nosniff x-request-id 24dd29a1-ea4c-458a-8826-685980b629a6 x-served-by cache-fra-eddf8230042-FRA
GET H2	200	sparkcentral.1.25.7.css cdn.sparkcentral.com/rtm/web/1.25.7/	3 KB 1 KB	15ms 14ms	Stylesheet text/css	2600:9000:20a0:ca00:14:56a0:4680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.css Requested by Host: cdn.sparkcentral.com URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20a0:ca00:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 73f7889bf92cf273187c2cd8353f4c92005ae3164e6d6c8ec997df4c93401038 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 00:18:38 GMT content-encoding gzip via 1.1 8c6af47a034eacd38f7f934dfc1eaa40.cloudfront.net (CloudFront) last-modified Fri, 19 Feb 2021 16:46:30 GMT server AmazonS3 x-amz-cf-pop AMS58-P2 age 65551 x-amz-server-side-encryption AES256 etag W/"4c74258ace5e1e172fe16e0f81170ea4" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-meta-lastmodified 2020-03-16 15:17:38 +0000 UTC x-amz-cf-id kgeq7i4SyzCh_jUaONb09iZjcyaZRBjZ04dDaYheJuB5-VN9EGp-9w==
GET H2	200	frame.1.25.7.css cdn.sparkcentral.com/rtm/web/1.25.7/ Frame 75D3	96 KB 15 KB	16ms 15ms	Stylesheet text/css	2600:9000:20a0:ca00:14:56a0:4680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.css Requested by Host: cdn.sparkcentral.com URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20a0:ca00:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2279acbe0b909f296878149708331941cdb1f78fdd049ae04689eb17c44f7962 Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 05:25:59 GMT content-encoding gzip via 1.1 8c6af47a034eacd38f7f934dfc1eaa40.cloudfront.net (CloudFront) last-modified Fri, 19 Feb 2021 16:46:29 GMT server AmazonS3 x-amz-cf-pop AMS58-P2 age 46583 x-amz-server-side-encryption AES256 etag W/"79560a9f764fa94e6e9d749b61ac292a" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-meta-lastmodified 2020-03-16 15:17:38 +0000 UTC x-amz-cf-id ayPU46Jsu0TwdCzl1xvXVUvY6POvxcd6UMacTOEcFVNVK1i4vBh9JQ==
GET H2	200	frame.1.25.7.min.js Show response cdn.sparkcentral.com/rtm/web/1.25.7/ Frame 75D3	833 KB 253 KB	17ms 17ms	Script application/javascript	2600:9000:20a0:ca00:14:56a0:4680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.min.js Requested by Host: cdn.sparkcentral.com URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20a0:ca00:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4c35771cad9dde5289558c52bd9f64f795170b265066370898c2f6d01b47ff5d Request headers Referer https://donate.wfp.org/ Origin https://donate.wfp.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 23:01:38 GMT content-encoding gzip via 1.1 1c1b06236faf26f915b464406875de12.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P2 age 71256 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-meta-lastmodified 2020-03-16 15:17:38 +0000 UTC last-modified Fri, 19 Feb 2021 16:46:30 GMT server AmazonS3 etag W/"461058a8e768a1691575ed540ddecdab" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-id _bh4MVBv7kLWe4dsOMhLcfnSeO13T4_Cj2wk48vvcIPyuH1uW1vTGQ==
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	180ms 180ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262780943 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1700936262780308 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	179ms 179ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262781199 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1700936262780647 access-control-allow-credentials true content-length 0
POST H2	200	0 Show response r.stripe.com/ Frame C5C9	0 273 B	181ms 181ms	Fetch text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-034cdd2c4682c3cd48f45db802391e97.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sat, 25 Nov 2023 18:17:42 GMT x-stripe-server-envoy-start-time-us 1700936262783449 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 5 x-stripe-client-envoy-start-time-us 1700936262783006 access-control-allow-credentials true content-length 0
GET H2	200	m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 9FF6	631 B 585 B	8ms 8ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:42 GMT via 1.1 varnish age 2203159 x-cache HIT content-length 399 x-request-id b2b62e66-4466-4e2f-9969-05ec821558ad x-served-by cache-fra-eddf8230042-FRA last-modified Fri, 08 Sep 2023 21:23:49 GMT server Fastly etag "70cacf09ae81711ac6dcbc5ee59750c4" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 355687
POST H2	200	csp-report q.stripe.com/ Frame 9FF6	0 716 B	179ms 179ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262796379 x-envoy-upstream-service-time 4 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262795904 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 9FF6	0 716 B	177ms 177ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262796479 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1700936262795918 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	inner.html Show response m.stripe.network/ Frame C62D	930 B 2 KB	103ms 16ms	Document text/html	2600:9000:25e8:c800:19:7d10:bd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25e8:c800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cloudfront / Resource Hash 947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 36 cache-control max-age=300, public content-length 930 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sat, 25 Nov 2023 18:17:07 GMT etag "06bfcd88af438673a8bf9b845a11aa6e" last-modified Fri, 30 Jun 2023 14:32:28 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding, Origin via 1.1 03335b4388aac682bcebdd7893781376.cloudfront.net (CloudFront) x-amz-cf-id bzpVYtbuPTrWrcUG-a4ER04n6W55kmv_XNc63WrD9_znw_dlVBhxUA== x-amz-cf-pop AMS1-P3 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	200	logger Show response www.paypal.com/xoplatform/logger/api/	1016 B 900 B	186ms 186ms	XHR application/json	151.101.1.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true Requested by Host: www.paypal.com URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 39d67921cb04cebef48489300ab3105ff9e9c141b297a16575a0b9c58e4d5f6c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept application/json Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 content-type application/json Response headers date Sat, 25 Nov 2023 18:17:43 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-cache MISS, MISS paypal-debug-id f4256317b0fb9 server-timing content-encoding;desc="br",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com x-served-by cache-fra-eddf8230025-FRA, cache-fra-eddf8230025-FRA accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 traceparent 00-0000000000000000000f4256317b0fb9-b4f84cbf972d6714-01 x-timer S1700936263.937688,VS0,VE179 etag W/"3f8-ew+CRwN5/+UNLD0ZUZKc9BPXzwY" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://donate.wfp.org cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") accept-ranges none x-cache-hits 0, 0
OPTIONS H2	200	logger www.paypal.com/xoplatform/logger/api/ Frame	0 0	189ms 189ms	Preflight	151.101.1.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://donate.wfp.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers accept-ch sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64 accept-ranges bytes access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://donate.wfp.org cache-control max-age=0, no-cache, no-store, must-revalidate content-length 0 date Sat, 25 Nov 2023 18:17:42 GMT dc ccg11-origin-www-1.paypal.com origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== paypal-debug-id f425631c24074 permissions-policy ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com") server-timing content-encoding;desc="",x-cdn;desc="fastly" strict-transport-security max-age=63072000; includeSubDomains; preload traceparent 00-0000000000000000000f425631c24074-e4fa9b8953def2a3-01 via 1.1 varnish, 1.1 varnish x-cache MISS, MISS x-cache-hits 0, 0 x-content-type-options nosniff x-served-by cache-fra-eddf8230025-FRA, cache-fra-eddf8230025-FRA x-timer S1700936263.747885,VS0,VE182
GET H2	200	config Show response 5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/ Frame 75D3	960 B 705 B	76ms 75ms	Fetch application/json	2606:4700::6812:1eae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/config Requested by Host: cdn.sparkcentral.com URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6812:1eae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc838672536724abbc5ea2a23d9545d037b9f53683b26783e498542e817b29dc Request headers accept-language de-DE,de;q=0.9 x-smooch-sdk web/sparkcentral/1.25.7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Accept application/json x-smooch-clientid a076ff8aac3448448b856c397ee6d27d Referer https://donate.wfp.org/ x-smooch-appid 5f3157de284bd6000cc5b1eb Response headers date Sat, 25 Nov 2023 18:17:42 GMT content-encoding br cf-cache-status DYNAMIC x-request-id 82bbe3db3eab3689-FRA x-zendesk-account-subdomain - pragma no-cache server cloudflare etag W/"3c0-kWDdKJ1ssH429FehfcW/iSfwzlg" x-zendesk-zorg yes vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://donate.wfp.org access-control-expose-headers Retry-After cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 82bbe3db3eab3689-FRA expires -1
OPTIONS H2	200	config 5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/ Frame	0 0	130ms 71ms	Preflight	2606:4700::6812:1eae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/config Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6812:1eae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-smooch-appid,x-smooch-clientid,x-smooch-sdk Access-Control-Request-Method GET Origin https://donate.wfp.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-smooch-appid,x-smooch-clientid,x-smooch-sdk access-control-allow-methods GET, HEAD, PUT, POST, DELETE, OPTIONS access-control-allow-origin https://donate.wfp.org access-control-max-age 2592000 cache-control private, no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 82bbe3dace113689-FRA content-length 0 date Sat, 25 Nov 2023 18:17:42 GMT expires -1 pragma no-cache server cloudflare vary Origin x-request-id 82bbe3dace113689-FRA x-zendesk-account-subdomain - x-zendesk-zorg yes
POST H2	200	csp-report q.stripe.com/ Frame C62D	0 490 B	177ms 177ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517& Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/csp-report Response headers date Sat, 25 Nov 2023 18:17:42 GMT strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936262908350 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin x-stripe-server-envoy-upstream-service-time-ms 0 x-stripe-client-envoy-start-time-us 1700936262907916 cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none expires 0
GET H2	200	out-4.5.43.js Show response m.stripe.network/ Frame C62D	87 KB 14 KB	18ms 18ms	Script text/javascript	2600:9000:25e8:c800:19:7d10:bd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.43.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25e8:c800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cloudfront / Resource Hash e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 18:14:00 GMT content-encoding br via 1.1 03335b4388aac682bcebdd7893781376.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload last-modified Fri, 30 Jun 2023 14:32:28 GMT server Cloudfront age 224 x-content-type-options nosniff etag W/"69cb7809b5011312e716f29b3d19dce6" x-amz-cf-pop AMS1-P3 vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 cache-control max-age=300, public x-amz-cf-id q9owbVPKKGODTmVeMv0eUJ-TCt0c2dRaAdpKsYqyuNptTiFQoAYK3w==
POST H2	200	6 Show response m.stripe.com/ Frame C62D	156 B 670 B	553ms 179ms	XHR application/json	54.201.135.255 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-201-135-255.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 3add79b53a1129dcb26c4862a1d52e1675340b1fce9e69bc837966d217186332 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color green date Sat, 25 Nov 2023 18:17:43 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936263341514 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1700936263341007 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
GET H2	200	2fb46965575c0c497c81e110c437f0ce.jpg media.eu-1.smooch.io/5f3157de284bd6000cc5b1eb/icons/ Frame 75D3	13 KB 14 KB	90ms 27ms	Image image/png	18.66.26.10 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.eu-1.smooch.io/5f3157de284bd6000cc5b1eb/icons/2fb46965575c0c497c81e110c437f0ce.jpg Requested by Host: donate.wfp.org URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.26.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-26-10.vie50.r.cloudfront.net Software AmazonS3 / Resource Hash 2f73e9ac0222fded928c39a9dcb5bd7e57c6d8dd70b025eaa88d74433de570da Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 01 Feb 2023 00:05:04 GMT x-amz-version-id jXX0xo4WZeYgkmw3zDgFQK5_DSvCWDa3 via 1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront) x-content-type-options nosniff age 25726360 x-amz-cf-pop VIE50-P1 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 13712 last-modified Mon, 24 Aug 2020 07:47:47 GMT server AmazonS3 etag "d672f813fc7205fef9cfbd559be83e62" content-type image/png cache-control max-age=315532800 accept-ranges bytes x-robots-tag noindex x-amz-cf-id 9tm3Rob-TGyuonCmmykZ5QsYMDx2YDTU0xRejcNG7cSYMf4E1IjL2g==
POST H2	200	6 Show response m.stripe.com/ Frame C62D	156 B 669 B	179ms 179ms	XHR application/json	54.201.135.255 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-201-135-255.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 3add79b53a1129dcb26c4862a1d52e1675340b1fce9e69bc837966d217186332 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color green date Sat, 25 Nov 2023 18:17:43 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936263527976 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 3 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1700936263527667 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
POST H2	200	6 Show response m.stripe.com/ Frame C62D	156 B 669 B	227ms 227ms	XHR application/json	54.201.135.255 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-201-135-255.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 3add79b53a1129dcb26c4862a1d52e1675340b1fce9e69bc837966d217186332 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color green date Sat, 25 Nov 2023 18:17:43 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936263577694 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1700936263577415 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
POST H2	204	/ metrics.hotjar.io/	0 70 B	138ms 28ms	Ping text/plain	52.30.201.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://metrics.hotjar.io/?v=6 Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2048364.js?sv=7 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 52.30.201.74 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-201-74.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://donate.wfp.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sat, 25 Nov 2023 18:17:44 GMT vary Origin
POST H2	200	6 Show response m.stripe.com/ Frame C62D	156 B 669 B	179ms 178ms	XHR application/json	54.201.135.255 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-201-135-255.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 3add79b53a1129dcb26c4862a1d52e1675340b1fce9e69bc837966d217186332 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color green date Sat, 25 Nov 2023 18:17:45 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1700936265939585 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1700936265939277 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
GET H2	200	trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response js.stripe.com/v3/fingerprinted/js/	295 B 379 B	8ms 7ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://donate.wfp.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Sat, 25 Nov 2023 18:17:47 GMT via 1.1 varnish age 1597001 x-cache HIT content-length 209 x-request-id fa7a7a78-939e-4c1a-95b7-1d69129f5c83 x-served-by cache-fra-eddf8230042-FRA last-modified Sun, 13 Nov 2022 20:03:40 GMT server Fastly etag "477956b204dfd45e10334fc060914d4b" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 61279