www.mesopinions.com Open in urlscan Pro
2a0a:1580:2000:1c00::16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.news.mesopinions.com/c/?t=9780c86-1s-qkf5e-1q41e-!im0qq
Effective URL:
https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&u...
Submission: On July 01 via api (July 1st 2022, 9:36:29 am UTC) from US — Scanned from FR

Summary HTTP 197 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 17 domains to perform 197 HTTP transactions. The main IP is 2a0a:1580:2000:1c00::16, located in France and belongs to ODISO-AS, FR. The main domain is www.mesopinions.com.
TLS certificate: Issued by R3 on May 19th 2022. Valid for: 3 months.

This is the only time www.mesopinions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.151.189.219 185.151.189.219	34993 (ODISO-AS) (ODISO-AS)
2 36	2a0a:1580:200... 2a0a:1580:2000:1c00::16	34993 (ODISO-AS) (ODISO-AS)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
36	108.138.7.103 108.138.7.103	16509 (AMAZON-02) (AMAZON-02)
10	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	52.50.116.85 52.50.116.85	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
47	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c00::5c	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1501	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	13.224.189.45 13.224.189.45	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	54.201.229.78 54.201.229.78	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a04:4e42:600... 2a04:4e42:600::291	54113 (FASTLY) (FASTLY)
197	31

1 185.151.189.219 (France) 1 redirects

ASN34993 (ODISO-AS, FR)
PTR: mindproxyvip.odiso.net

t.news.mesopinions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a0a:1580:2000:1c00::16 (France) 2 redirects

ASN34993 (ODISO-AS, FR)

www.mesopinions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 108.138.7.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-103.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.116.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-116-85.eu-west-1.compute.amazonaws.com

prz.mesopinions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1501 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-45.fra2.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.201.229.78 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-229-78.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	stripe.com js.stripe.com — Cisco Umbrella Rank: 1748 q.stripe.com — Cisco Umbrella Rank: 12728 r.stripe.com — Cisco Umbrella Rank: 6405 m.stripe.com — Cisco Umbrella Rank: 1533	907 KB
38	mesopinions.com 3 redirects t.news.mesopinions.com www.mesopinions.com prz.mesopinions.com	509 KB
19	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2229 t.paypal.com — Cisco Umbrella Rank: 3103 c.paypal.com — Cisco Umbrella Rank: 5726 b.stats.paypal.com — Cisco Umbrella Rank: 5095 dub.stats.paypal.com — Cisco Umbrella Rank: 20429 c6.paypal.com — Cisco Umbrella Rank: 6513	386 KB
18	google.com pay.google.com — Cisco Umbrella Rank: 4221 www.google.com — Cisco Umbrella Rank: 8 play.google.com — Cisco Umbrella Rank: 46	389 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	170 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 579 b.clarity.ms — Cisco Umbrella Rank: 5183 c.clarity.ms — Cisco Umbrella Rank: 1113	26 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 2733	41 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	197 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 362 c.bing.com — Cisco Umbrella Rank: 182	13 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	194 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	516 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1852	16 KB
1	google.fr www.google.fr — Cisco Umbrella Rank: 13250	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	3 KB
197	17

	Domain	Requested by
38	r.stripe.com	js.stripe.com
36	js.stripe.com	www.mesopinions.com js.stripe.com
36	www.mesopinions.com	2 redirects www.mesopinions.com
13	play.google.com	www.gstatic.com
10	www.paypal.com	www.mesopinions.com www.paypal.com
9	q.stripe.com	www.mesopinions.com
5	c.paypal.com	www.paypal.com c.paypal.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.gstatic.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	js.stripe.com pay.google.com www.mesopinions.com www.gstatic.com
4	connect.facebook.net	www.mesopinions.com connect.facebook.net
4	www.googletagmanager.com	www.mesopinions.com www.googletagmanager.com
3	www.facebook.com	www.mesopinions.com
3	fonts.gstatic.com	fonts.googleapis.com
3	bat.bing.com	www.mesopinions.com bat.bing.com
2	c.clarity.ms	1 redirects
2	b.clarity.ms	www.clarity.ms
2	m.stripe.com	m.stripe.network
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.clarity.ms	bat.bing.com www.clarity.ms
1	c6.paypal.com
1	c.bing.com	1 redirects
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	www.google.fr	www.mesopinions.com
1	www.google.com	www.mesopinions.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	t.paypal.com	www.mesopinions.com
1	prz.mesopinions.com	www.mesopinions.com
1	fonts.googleapis.com	www.mesopinions.com
1	cdnjs.cloudflare.com	www.mesopinions.com
1	t.news.mesopinions.com	1 redirects
197	34

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
www.mesopinions.com R3	`2022-05-19` - `2022-08-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-09` - `2022-07-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.mesopinions.com Amazon	`2022-02-15` - `2023-03-15`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-09-08`	4 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2022-08-03`	4 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
Frame ID: E23D726E2F957221472AB606986B69F6
Requests: 75 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: 084066628166DFDD364B64924E558F77
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-777bf61584e6bc6567b89535cff967f0.html
Frame ID: 94840EFBFBB31672FC79FE03B091DDDC
Requests: 42 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-7ca3448902d53a7fbabb61cb03b01a18.html
Frame ID: 257AC24ED46DA4F7FCC05E26389E1A47
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-c26fae9d50fd2cd155cb83bec1234510.html
Frame ID: E072E480136AEF840585A35CC416CEFA
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
Frame ID: 6EFBC726A74F2110664E84C0B50D2220
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
Frame ID: 3A5946F3FE1E65F31D92686F66F58A96
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
Frame ID: 105975D99307C7F0AF2CB076EA7FDE68
Requests: 7 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=pay&style.layout=vertical&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.320&components.0=buttons&locale.lang=fr&locale.country=FR&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhVZl9DcVQtQVBmYWJTalpRSWJIQmRnRnRoNWV5WnBiSWR1TlBDUHBtc3hEcHBVeXdRT0h3c05TblRlcUI2bTlsTGtjMUU1TEdhRFdTdmsmY3VycmVuY3k9RVVSJmxvY2FsZT1mcl9GUiZkaXNhYmxlLWZ1bmRpbmc9Y3JlZGl0LGNhcmQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF90anJqbmxweGJrc2Roc29pc21haWduaGlxZXdyZmkifX0&clientID=AXUf_CqT-APfabSjZQIbHBdgFth5eyZpbIduNPCPpmsxDppUywQOHwsNSnTeqB6m9lLkc1E5LGaDWSvk&sdkCorrelationID=f528264b70f5a&storageID=uid_d3ab2bfa85_mdk6mzy6mji&sessionID=uid_21a5aeb049_mdk6mzy6mji&buttonSessionID=uid_7184fb25fb_mdk6mzy6mji&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: D322867D9976789EAA745C10D63CE369
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4DA3754D209245DC606DBDCC01F7DAFF
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 708FE181BE1EE683D5F8CECAD81579D0
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FC8AC817488464AB9312D7AED31E8931
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 0666F2BAFB2BD8C610397D816E19D6A7
Requests: 15 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-81883298fa115e41d6202b0a25e59db4.html
Frame ID: 0B02F5004FEA401AA8444312DC728ACB
Requests: 7 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: C2885561F654A65305DF49687A3C7960
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_21a5aeb049_mdk6mzy6mji&s=SMART_PAYMENT_BUTTONS
Frame ID: 1ADC93A41E07A4E0B7A2AF795BB2BF0E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Booster la diffusion de la pétition : Le deuxième quinquennat, le temps de l'action !

Page URL History Show full URLs

https://t.news.mesopinions.com/c/?t=9780c86-1s-qkf5e-1q41e-!im0qq HTTP 302
https://www.mesopinions.com/index.php?f=home&a=redirect&idm=40289473&e=danses-urbain.0%40icloud.com&redi... HTTP 302
https://www.mesopinions.com/index.php?f=petition&a=oneClickSignature&idc=364152&idpetition=181572&email=... HTTP 302
https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soute... Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

197
Requests

98 %
HTTPS

58 %
IPv6

17
Domains

34
Subdomains

31
IPs

5
Countries

2868 kB
Transfer

8480 kB
Size

38
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/mesopinions

Search URL Search Domain Scan URL

URL: https://twitter.com/mesopinions_com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCsmX_RrQCtrG1mfDCIRbwog

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mesopinions/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.news.mesopinions.com/c/?t=9780c86-1s-qkf5e-1q41e-!im0qq HTTP 302
https://www.mesopinions.com/index.php?f=home&a=redirect&idm=40289473&e=danses-urbain.0%40icloud.com&redirect=https://www.mesopinions.com%2Findex.php%3Ff%3Dpetition%26a%3DoneClickSignature%26idc%3D364152%26idpetition%3D181572%26email%3Ddanses-urbain.0@icloud.com%26idcategorie%3D1%26url%3Dhttps%253A%252F%252Fwww.mesopinions.com%252Fpetition%252Fnature-environnement%252Fdeuxieme-quinquennat-temps-action%252F181572 HTTP 302
https://www.mesopinions.com/index.php?f=petition&a=oneClickSignature&idc=364152&idpetition=181572&email=danses-urbain.0@icloud.com&idcategorie=1&url=https%3A%2F%2Fwww.mesopinions.com%2Fpetition%2Fnature-environnement%2Fdeuxieme-quinquennat-temps-action%2F181572 HTTP 302
https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 183

https://b.stats.paypal.com/v2/counter.cgi?p=uid_21a5aeb049_mdk6mzy6mji&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_21a5aeb049_mdk6mzy6mji&s=SMART_PAYMENT_BUTTONS

Request Chain 188

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=B8C86696424C406FBA8B6D1F74FE08FC&RedC=c.clarity.ms&MXFR=20086B26B71D64871B837AF2B31D6AB2 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=B8C86696424C406FBA8B6D1F74FE08FC&MUID=19F611AFA10760E01995007BA03261D6

197 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request soutenir Show response
www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/
Redirect Chain

https://t.news.mesopinions.com/c/?t=9780c86-1s-qkf5e-1q41e-!im0qq
https://www.mesopinions.com/index.php?f=home&a=redirect&idm=40289473&e=danses-urbain.0%40icloud.com&redirect=https://www.mesopinions.com%2Findex.php%3Ff%3Dpetition%26a%3DoneClickSignature%26idc%3D3...
https://www.mesopinions.com/index.php?f=petition&a=oneClickSignature&idc=364152&idpetition=181572&email=danses-urbain.0@icloud.com&idcategorie=1&url=https%3A%2F%2Fwww.mesopinions.com%2Fpetition%2Fn...
https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022

112 KB
20 KB

73ms
73ms

Document
text/html

2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

8abb289bfb154a30d2152910e389523598813649d268405b5f1cf04babef81e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate max-age=600, private, must-revalidate
content-encoding: gzip
content-length: 19790
content-type: text/html; charset=UTF-8
date: Fri, 01 Jul 2022 09:36:21 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: no-store, no-cache, must-revalidate max-age=600, private, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Jul 2022 09:36:21 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022#main-block
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 style.min.css
www.mesopinions.com/public/css/ 67 KB
9 KB 35ms
34ms Stylesheet
text/css 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/css/style.min.css?v=2.2

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

e4ca73df6ee4216851a57fdd72541d16e1c2cb15a343548241ba997111bbe2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8538
expires: Fri, 08 Jul 2022 09:36:21 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
www.mesopinions.com/public/js/ 86 KB
30 KB 36ms
35ms Script
application/javascript 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/js/jquery-3.4.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=216000, private
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 30597
expires: Tue, 30 Aug 2022 09:36:21 GMT

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.4.0/ 7 KB
3 KB 133ms
0ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.4.0/clipboard.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e72deae400013e9f9159c9c194c5366240f728bcb9c1a57d52307aea1ad08563

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1849026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2289
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-1dfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orwU0iyZk1%2BfarKHDhCFfOxjIbXUM56Do%2FAgKkDTVhsJXWm3thzIigAypFwbzopSyxFTxZ0UNBKC4QudcEPcAPm3uzGDI%2FctuJLrUq%2FrbBzKIBs7pOK1f1URTwLrjYlhj4HW1ndQ4vnubN5nEKOhPCvw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 723e282b0a8d048f-CDG
expires: Wed, 21 Jun 2023 09:36:22 GMT

GET
H2 200 common.js Show response
www.mesopinions.com/public/js/ 16 KB
4 KB 34ms
33ms Script
application/javascript 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/js/common.js?v=2.3

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

248fb02c675e464535cbdc8f9e0339b663d962258f8a1b1c0a81e00ef0e03e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=216000, private
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4085
expires: Tue, 30 Aug 2022 09:36:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
39 KB 252ms
55ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1781857-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ff958950b2d10985adf9382fdf36160fe318d7d35ed9e530cc39937a15c505f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40346
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jul 2022 09:36:22 GMT

GET
H2 200 logo.webp
www.mesopinions.com/public/assets/ 17 KB
16 KB 69ms
57ms Image
image/webp 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mesopinions.com/public/assets/logo.webp

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

ae1b1e05465460ea1e2f18cca19a232960e756e867d3063a335e5ed4f7f3018b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=7200
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 16031
expires: Fri, 01 Jul 2022 11:36:22 GMT

GET
H2 200 navbar.js Show response
www.mesopinions.com/public/js/views/ 489 B
491 B 39ms
26ms Script
application/javascript 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/js/views/navbar.js?v=2.0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

4a4f5b6ae3dc1891af601cab87fc40dd5c44a8d4a3dfed19662d6b92bbda496d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=216000, private
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 230
expires: Tue, 30 Aug 2022 09:36:21 GMT

GET
H2 200 donation.css
www.mesopinions.com/public/css/views/petition/ 4 KB
1 KB 24ms
23ms Stylesheet
text/css 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/css/views/petition/donation.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

1e343a108b7f047f2bccb3f04141caf8361305b5580bbf733ab7b1a9521d7e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 827
expires: Fri, 08 Jul 2022 09:36:22 GMT

GET logo.jpg
www.mesopinions.com/public/assets/ 0
0

GET
H2 200 petition-img-181572-fr.jpeg
www.mesopinions.com/public/img/petition/ 94 KB
95 KB 70ms
58ms Image
image/jpeg 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mesopinions.com/public/img/petition/petition-img-181572-fr.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

783de91271f9de2f414a4c46199e17c7d62c077a663b9f5b63b6d1ef5aeb764b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 96545
expires: Sun, 31 Jul 2022 09:36:22 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 315 KB
75 KB 221ms
20ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

289ac96339e8c74805f1cb72959ce65000c005b9c1594b0e77aab57eb485abbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 4
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:18 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 22:12:29 GMT
server: Cloudfront
etag: W/"560ac9b3c6ccd02b33d8964a7bd13769"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: 1gDfnzysaAgIiS6DcXw-epB3RVz9tkhtSkq2uWezu4gD5i-uSLYO7A==

GET
H2 200 js Show response
www.paypal.com/sdk/ 300 KB
90 KB 174ms
28ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AXUf_CqT-APfabSjZQIbHBdgFth5eyZpbIduNPCPpmsxDppUywQOHwsNSnTeqB6m9lLkc1E5LGaDWSvk&currency=EUR&locale=fr_FR&disable-funding=credit,card

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f66b57a92a9dbb1d4e44b5ba1cbd5a7f99088ad126d946bffa1acdd92ddda907

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-NXpDzx1M47KZGi/XWynTAIQcWSe9BVcIIo+jUlAETkcSNYzd' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-NXpDzx1M47KZGi/XWynTAIQcWSe9BVcIIo+jUlAETkcSNYzd' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-NXpDzx1M47KZGi/XWynTAIQcWSe9BVcIIo+jUlAETkcSNYzd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-NXpDzx1M47KZGi/XWynTAIQcWSe9BVcIIo+jUlAETkcSNYzd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 10158
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
p3p: true
paypal-debug-id: f839939534f46
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 91375
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7373-LHR, cache-cdg20747-CDG
traceparent: 00-0000000000000000000f839939534f46-d72e287c6249cb3f-01
x-timer: S1656668182.245373,VS0,VE2
x-frame-options: SAMEORIGIN
date: Fri, 01 Jul 2022 09:36:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"164ef-qwW/FSCfCZMhm/1pWHTlRL4CKbk"
accept-ranges: bytes
x-cache-hits: 0, 435

GET
H2 200 pay.css
www.mesopinions.com/public/css/views/ 1 KB
824 B 44ms
34ms Stylesheet
text/css 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/css/views/pay.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

92d9b46ae81bd562f0c5c428c3235954f38f290027f9399315fa5ac4d1867676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 578
expires: Fri, 08 Jul 2022 09:36:22 GMT

GET
H2 200 loader-spinner.gif
www.mesopinions.com/public/img/ 77 KB
78 KB 46ms
34ms Image
image/gif 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mesopinions.com/public/img/loader-spinner.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

e24bf6081cd3ac2ea239adbff6e1780495712a8830a0b38bdec212b195b5196b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=2592000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 79327
expires: Sun, 31 Jul 2022 09:36:22 GMT

GET
H2 200 hand-heart.svg
www.mesopinions.com/public/img/icon/ 835 B
764 B 99ms
88ms Image
image/svg+xml 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mesopinions.com/public/img/icon/hand-heart.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

6e34051cde5e5c2b3fc2859a7becf79ff0440512af55abe8df23d1b16fcc0429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7200
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 523
expires: Fri, 01 Jul 2022 11:36:22 GMT

GET
H2 200 fr_FR.png
www.mesopinions.com/public/img/flag/ 575 B
800 B 105ms
94ms Image
image/png 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mesopinions.com/public/img/flag/fr_FR.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

e36955966aaf0d415f1245a06cf4f131226b7eed886f2360cf548acfa69d12ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 575
expires: Sun, 31 Jul 2022 09:36:22 GMT

GET
H2 200 en_EN.png
www.mesopinions.com/public/img/flag/ 1 KB
2 KB 107ms
96ms Image
image/png 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mesopinions.com/public/img/flag/en_EN.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

b7e49a3d1da074b2b9a1a526b701987315f050a3a121fe66a3cdb3ab96f564bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 1534
expires: Sun, 31 Jul 2022 09:36:22 GMT

GET
H2 200 cookie.js Show response
www.mesopinions.com/public/js/ 827 B
685 B 45ms
31ms Script
application/javascript 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/js/cookie.js?v=2.1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

825bcade67052cde99899ccc90782226d1c1baab39244f26884dae084e7fc021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=216000, private
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 424
expires: Tue, 30 Aug 2022 09:36:22 GMT

GET
H2 200 jquery.ihavecookies.js Show response
www.mesopinions.com/public/cookiebanner/ 9 KB
3 KB 63ms
49ms Script
application/javascript 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/cookiebanner/jquery.ihavecookies.js?v=1.5

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

eae22784f13f727ab7a7f589e69f57e624c99917dab11992af3fd41e986a10de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=216000, private
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2746
expires: Tue, 30 Aug 2022 09:36:22 GMT

GET
H2 200 mo-front.js Show response
www.mesopinions.com/public/js/ 5 KB
963 B 46ms
32ms Script
application/javascript 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/js/mo-front.js?v=2.1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

f02096822230b7c80c83da7fad06310a02fab1b66374520892ec238442abaa42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=216000, private
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 702
expires: Tue, 30 Aug 2022 09:36:22 GMT

GET
H2 200 lazysizes.min.js Show response
www.mesopinions.com/public/js/ 7 KB
4 KB 100ms
90ms Script
application/javascript 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/js/lazysizes.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=216000, private
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 3378
expires: Tue, 30 Aug 2022 09:36:22 GMT

GET
H2 200 connexion-popup.css
www.mesopinions.com/public/css/views/ 2 KB
875 B 46ms
33ms Stylesheet
text/css 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/css/views/connexion-popup.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

ffb8ec69a8e18595f6fd20ded87fe1226c011af3c19039d33e32ebfd391a5bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 629
expires: Fri, 08 Jul 2022 09:36:22 GMT

GET
H2 200 fb-official.png
www.mesopinions.com/public/img/account/social/ 12 KB
13 KB 102ms
92ms Image
image/png 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mesopinions.com/public/img/account/social/fb-official.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

15b13b0320ca3644fe92d2f23e9fdd489c04bbae16d703be97b709c31f62d61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 12708
expires: Sun, 31 Jul 2022 09:36:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
43 KB 215ms
22ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KVML24Z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0fce30c6314974d486943a628358da525bc02fbd8226716e680366067cb40f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43466
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jul 2022 09:36:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 123ms
38ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Asap:400,600|Asap+Condensed:400,600|Crete+Round:400,600|Source+Sans+Pro:400,600&display=swap

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/public/css/style.min.css?v=2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdf20b59e444d54bdf65bc6baf255ad51a76337b7c2fb0806c4f688b05c0b0e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 09:36:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Jul 2022 09:36:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Jul 2022 09:36:22 GMT

GET
H2 200 notifications.css
www.mesopinions.com/public/css/ 2 KB
952 B 99ms
91ms Stylesheet
text/css 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/css/notifications.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

28a9cc22e944e9b07f9d47e6d80ef30b5a70dc508069d72316984f39e3034f18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 706
expires: Fri, 08 Jul 2022 09:36:22 GMT

GET
H2 200 langselector.css
www.mesopinions.com/public/css/ 738 B
587 B 131ms
123ms Stylesheet
text/css 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/css/langselector.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

594c171115de4ff46935fafd6f44b1b0c2c285ab99d4e523b5073cbd1c66508a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 341
expires: Fri, 08 Jul 2022 09:36:22 GMT

GET
H2 200 cookiebanner.css
www.mesopinions.com/public/cookiebanner/ 4 KB
1 KB 101ms
93ms Stylesheet
text/css 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/cookiebanner/cookiebanner.css?v=1.6

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

68c586184af80acfa7a0ca567af95389feea582d4fa6a7732d12b46b09d80e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 963
expires: Fri, 08 Jul 2022 09:36:22 GMT

GET
H2 200 all.min.css
www.mesopinions.com/public/css/fontawesome-5.2.0/css/ 46 KB
10 KB 105ms
97ms Stylesheet
text/css 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/css/fontawesome-5.2.0/css/all.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

f0401cc8fdae2285fea0ee0e742a1b119206b1cf1979b25027e9c04ce0b9d334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
content-length: 10115
expires: Fri, 08 Jul 2022 09:36:22 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 170ms
0ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EA543C878DFF4AF8A2312FD25748CAAA Ref B: AMSEDGE1021 Ref C: 2022-07-01T09:36:22Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 01 Jul 2022 09:36:22 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 159ms
0ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: OEwhNNP7VKIOMKtCvAljOJ8uYACqNqyLTOjaFOOW7lk/UbIBZtZEWOjkk29wEhSSfGj86uKP5JHgNIyKLz3tOA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 01 Jul 2022 09:36:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pxidypY1o9NHyXh3WvSbGSggdOeMaEw.woff2
fonts.gstatic.com/s/asapcondensed/v15/ 20 KB
21 KB 217ms
19ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/asapcondensed/v15/pxidypY1o9NHyXh3WvSbGSggdOeMaEw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap:400,600|Asap+Condensed:400,600|Crete+Round:400,600|Source+Sans+Pro:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb0b6ef22d4bf8ed3b3b4f90168da8fc8fe4b878f45d632cd0512afea90bbbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mesopinions.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 22:53:02 GMT
x-content-type-options: nosniff
age: 211400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20988
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:30:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 22:53:02 GMT

GET
H2 200 logo.jpg
www.mesopinions.com/public/assets/ 43 KB
43 KB 97ms
44ms Image
image/jpeg 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mesopinions.com/public/assets/logo.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

f2f69706ff7a11db5c20845694ae34621935c5b342b8b16bfb2e54d93f212ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 43768
expires: Sun, 31 Jul 2022 09:36:22 GMT

GET
H2 200 pxieypY1o9NHyXh3WvSbGSggdO9TTFlDims.woff2
fonts.gstatic.com/s/asapcondensed/v15/ 21 KB
21 KB 191ms
29ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/asapcondensed/v15/pxieypY1o9NHyXh3WvSbGSggdO9TTFlDims.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap:400,600|Asap+Condensed:400,600|Crete+Round:400,600|Source+Sans+Pro:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

773d702a9bfefd054b0abe973537eaee2c89067adcefaf95000fe3021b863bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mesopinions.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:35:28 GMT
x-content-type-options: nosniff
age: 136854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21664
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:26:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:35:28 GMT

GET
H2 200 KFOoCniXp96ayzse4A.woff2
fonts.gstatic.com/s/asap/v24/ 25 KB
25 KB 211ms
50ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/asap/v24/KFOoCniXp96ayzse4A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap:400,600|Asap+Condensed:400,600|Crete+Round:400,600|Source+Sans+Pro:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d731c357433b32f38555d25a1c7f516f21b6df446bbdaeeb05e6ce6d5adaca02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mesopinions.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 11:06:06 GMT
x-content-type-options: nosniff
age: 167416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25400
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:38:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 11:06:06 GMT

GET
H2 200 fa-solid-900.woff2
www.mesopinions.com/public/css/fontawesome-5.2.0/webfonts/ 78 KB
78 KB 88ms
26ms Font
font/woff2 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/css/fontawesome-5.2.0/webfonts/fa-solid-900.woff2

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/public/css/fontawesome-5.2.0/css/all.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.mesopinions.com/public/css/fontawesome-5.2.0/css/all.min.css
Origin: https://www.mesopinions.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=7200
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
expires: Fri, 01 Jul 2022 11:36:22 GMT

GET
H2 200 17448704.js Show response
bat.bing.com/p/action/ 219 B
475 B 354ms
318ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17448704.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d015e1b7689128fe70e60957c94abedc6592c7a1a37d7811fd0c14384f79407b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BF457E1A58C344F38F899E506F7735B4 Ref B: AMSEDGE1021 Ref C: 2022-07-01T09:36:22Z
date: Fri, 01 Jul 2022 09:36:22 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 300

GET
H2 200 263137394219355 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 44ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/263137394219355?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35767d6d130c6ac84c50be5b059f3be70c00f258950203172acb7150adbaf2cf

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85507
x-xss-protection: 0
pragma: public
x-fb-debug: ieEzFhjSdUf0t1oHldDIz1p/KqyfBhP0cCyHoN0ts459WbGSoh1rgjG4LLL6eTWkFWBwCuw6KcWKU1AzqiEVGw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 01 Jul 2022 09:36:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 20ms
19ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.mesopinions.com&t=xo&v=5.0.320&source=payments_sdk&client_id=AXUf_CqT-APfabSjZQIbHBdgFth5eyZpbIduNPCPpmsxDppUywQOHwsNSnTeqB6m9lLkc1E5LGaDWSvk&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXUf_CqT-APfabSjZQIbHBdgFth5eyZpbIduNPCPpmsxDppUywQOHwsNSnTeqB6m9lLkc1E5LGaDWSvk&currency=EUR&locale=fr_FR&disable-funding=credit,card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-H6gJw9YfO6tUr0gJVaZmVDyjX8wTs2wY472RVNXfYzHmV04h' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-H6gJw9YfO6tUr0gJVaZmVDyjX8wTs2wY472RVNXfYzHmV04h' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 1771
x-cache: HIT, HIT
paypal-debug-id: f389117d3b3aa
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7336-LHR, cache-cdg20747-CDG
x-timer: S1656668182.410639,VS0,VE1
x-frame-options: SAMEORIGIN
date: Fri, 01 Jul 2022 09:36:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
accept-ranges: bytes
x-cache-hits: 1, 1100

GET
H2 200 fa-brands-400.woff2
www.mesopinions.com/public/css/fontawesome-5.2.0/webfonts/ 75 KB
75 KB 26ms
26ms Font
font/woff2 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/public/css/fontawesome-5.2.0/webfonts/fa-brands-400.woff2

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/public/css/fontawesome-5.2.0/css/all.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.mesopinions.com/public/css/fontawesome-5.2.0/css/all.min.css
Origin: https://www.mesopinions.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=7200
strict-transport-security: max-age=31536000;
accept-ranges: bytes
vary: Accept-Encoding
expires: Fri, 01 Jul 2022 11:36:22 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 getNbNotificationsUser Show response
www.mesopinions.com/auteurws/ 34 B
518 B 36ms
36ms XHR
application/json 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/auteurws/getNbNotificationsUser

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/public/js/jquery-3.4.1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

e488b9b42d4ddeef06309ae3bcf87357d07100b66dd498a5bd6e6a496f02060f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=600, private, must-revalidate
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
content-length: 50
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 getNotificationsUser Show response
www.mesopinions.com/auteurws/ 755 B
938 B 63ms
61ms XHR
application/json 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/auteurws/getNotificationsUser

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/public/js/jquery-3.4.1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

bdf751bb85cef72d7ccfdc8e5492c76aece1cbda1fe0c0ad11bd6e65e6661436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=600, private, must-revalidate
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
content-length: 469
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 add Show response
prz.mesopinions.com/visite/ 0
218 B 101ms
29ms Script
text/html 52.50.116.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prz.mesopinions.com/visite/add?url=https%3A%2F%2Fwww.mesopinions.com%2Fpetition%2Fnature-environnement%2Fdeuxieme-quinquennat-temps-action%2F181572%2Fsoutenir%3Futm_source%3Deml%26utm_medium%3Dspeedo%26utm_campaign%3Done_clic%26utm_term%3D01072022%23main-block&type=1&referrer=&email=danses-urbain.0@icloud.com&id_petition=181572&id_sondage=0&mediatisation=1
Requested by: Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.116.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-116-85.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
server: nginx/1.20.0
x-powered-by: Express
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
content-length: 0
content-type: text/html; charset=utf-8

GET
H3 200 sdk.js Show response
connect.facebook.net/fr_FR/ 3 KB
2 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aec43af35782cd2b4e3f64111e22a47401f7a2c85c8c47878eb4cad31626043a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ijUa8DXtbRI7pcBfFR3sjw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: R95XunbTMsnjzivaV/zmrfFyV5WIpLv2bp4RHxHH17jE/y54mbHP+YrQIY3o8Lw+m+mQF8rV9IXw5z4EHlUBTg==
x-fb-content-md5: 00cee02825f2050cc81495ce7447da76
x-frame-options: DENY
date: Fri, 01 Jul 2022 09:36:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "bf3b212f4bcb1d8130a03dbbab42f4ee"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Jul 2022 09:42:47 GMT

GET
H2 200 logowhite.png
www.mesopinions.com/public/assets/ 7 KB
7 KB 31ms
30ms Image
image/png 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mesopinions.com/public/assets/logowhite.png

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

998f2977326092ee03bb084e89d5a8d0774894407e6fd7e4887c95e0697f9cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 6768
expires: Sun, 31 Jul 2022 09:36:22 GMT

GET
H2 200 facebook.png
www.mesopinions.com/public/assets/ 2 KB
2 KB 24ms
23ms Image
image/png 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mesopinions.com/public/assets/facebook.png

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

b32de33f3f337514e84bfdbd862151bf83ab68b5e09962c1f6280a941e25c1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 2015
expires: Sun, 31 Jul 2022 09:36:22 GMT

GET
H2 200 twitter.png
www.mesopinions.com/public/assets/ 3 KB
3 KB 28ms
27ms Image
image/png 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mesopinions.com/public/assets/twitter.png

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

e26478c169e62cf2e6a7a908c2e7e8a7a02cb977c233765c70b15b62e949c534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 2619
expires: Sun, 31 Jul 2022 09:36:22 GMT

GET
H2 200 youtube.png
www.mesopinions.com/public/assets/ 3 KB
3 KB 25ms
25ms Image
image/png 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mesopinions.com/public/assets/youtube.png

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

ec362c92858ef3c380f847c20df9f01ccd961e0c8433767f43cdf479274ff96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 3350
expires: Sun, 31 Jul 2022 09:36:22 GMT

GET
H2 200 instagram.png
www.mesopinions.com/public/assets/ 2 KB
3 KB 32ms
32ms Image
image/png 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mesopinions.com/public/assets/instagram.png

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

fed675a1b9aca9e3d05aa38163c39a0b218e637ee1466bc9d8a806ae1f6bd5ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 2550
expires: Sun, 31 Jul 2022 09:36:22 GMT

GET
H2 200 m-outer-6262077c14f753400d607dc30e70f1af.html Show response
js.stripe.com/v3/ Frame 0840 240 B
981 B 29ms
28ms Document
text/html 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mesopinions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1744
cache-control: max-age=31536000
content-length: 240
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 09:31:40 GMT
etag: "6262077c14f753400d607dc30e70f1af"
last-modified: Fri, 10 Jun 2022 18:43:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-id: Q-1IyWTDXqPtBUSMIsJDI9FzZfv4omuPBpDNSOHmLF04wM_GT4OagA==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 204 0
bat.bing.com/action/ 0
175 B 39ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17448704&Ver=2&mid=d15209d0-8d1f-4a6b-88d0-0dd315763702&sid=44c702e0f92111ecb96b25d21eb3e6e4&vid=44c79a40f92111ecac76ef825e4fff08&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Booster%20la%20diffusion%20de%20la%20p%C3%A9tition%20%3A%20Le%20deuxi%C3%A8me%20quinquennat,%20le%20temps%20de%20l%27action%20!&p=https%3A%2F%2Fwww.mesopinions.com%2Fpetition%2Fnature-environnement%2Fdeuxieme-quinquennat-temps-action%2F181572%2Fsoutenir%23main-block&r=&lt=901&evt=pageLoad&msclkid=N&sv=1&rn=100032

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 83C624208D5E448FAB590C7D5670BD57 Ref B: AMSEDGE1021 Ref C: 2022-07-01T09:36:22Z
date: Fri, 01 Jul 2022 09:36:22 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
843 B 269ms
175ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Booster%20la%20diffusion%20de%20la%20p%C3%A9tition%20%3A%20Le%20deuxi%C3%A8me%20quinquennat%2C%20le%20temps%20de%20l%27action%20!&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1656668182488&g=0&completeurl=https%3A%2F%2Fwww.mesopinions.com%2Fpetition%2Fnature-environnement%2Fdeuxieme-quinquennat-temps-action%2F181572%2Fsoutenir%23main-block&ru=https%3A%2F%2Fwww.mesopinions.com%2Fpetition%2Fnature-environnement%2Fdeuxieme-quinquennat-temps-action%2F181572%2Fsoutenir&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: f1998553e4547
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-lhr7365-LHR, cache-cdg20766-CDG
pragma: no-cache
traceparent: 00-0000000000000000000f1998553e4547-78106f22cd9a4698-01
x-timer: S1656668183.591793,VS0,VE158
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 09:36:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 70ms
22ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=263137394219355&ev=PageView&dl=https%3A%2F%2Fwww.mesopinions.com%2Fpetition%2Fnature-environnement%2Fdeuxieme-quinquennat-temps-action%2F181572%2Fsoutenir%23main-block&rl=&if=false&ts=1656668182550&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1656668182508.2041425906&it=1656668182351&coo=false&exp=p0&rqm=GET

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 01 Jul 2022 09:36:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 101ms
50ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RV2VNB9SQ6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVML24Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e5e65c76b990678e9e478ab2c87ead636567f30d09e55759ccdc3c070f29cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70545
x-xss-protection: 0
expires: Fri, 01 Jul 2022 09:36:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 60ms
18ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVML24Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3518
date: Fri, 01 Jul 2022 08:37:44 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 01 Jul 2022 10:37:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 70ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-976293053&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1781857-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d490dc01b594b99a0c49cfb34f23f89d7a450e66b40c41d3f2e89a413c31911a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43983
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jul 2022 09:36:22 GMT

GET
H2 200 controller-777bf61584e6bc6567b89535cff967f0.html Show response
js.stripe.com/v3/ Frame 9484 349 B
1 KB 23ms
23ms Document
text/html 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-777bf61584e6bc6567b89535cff967f0.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

bd283f62d63480d92f3fb93eb45078ec16b22568b27da1e14401490226b6ff7b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mesopinions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 53
cache-control: max-age=60
content-length: 349
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 09:35:30 GMT
etag: "777bf61584e6bc6567b89535cff967f0"
last-modified: Thu, 30 Jun 2022 21:55:30 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-id: M24Fdfazjd-Mml-3pSnFmFASajWnKjvX5YNx95SvFXYsHQU0vGoodQ==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-7ca3448902d53a7fbabb61cb03b01a18.html Show response
js.stripe.com/v3/ Frame 257A 434 B
1 KB 23ms
23ms Document
text/html 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-7ca3448902d53a7fbabb61cb03b01a18.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

badac3c29f0e4f70f137d5766ba5a9d3c74f1e8f018cd7d98db00c884e9240ad

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mesopinions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 43
cache-control: max-age=60
content-length: 434
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 09:35:40 GMT
etag: "7ca3448902d53a7fbabb61cb03b01a18"
last-modified: Thu, 30 Jun 2022 21:55:39 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-id: _WeGghqKdOsIj7mat-8h5899BzWIOq5mO5JBzfyMAjB9G4xWBm1Odg==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-c26fae9d50fd2cd155cb83bec1234510.html Show response
js.stripe.com/v3/ Frame E072 370 B
1 KB 24ms
23ms Document
text/html 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-c26fae9d50fd2cd155cb83bec1234510.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e1e368229204f18301bbc1fb8bf1bf3bab9493643319127a1d4bdaad16fcd682

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mesopinions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2
cache-control: max-age=60
content-length: 370
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 09:36:22 GMT
etag: "c26fae9d50fd2cd155cb83bec1234510"
last-modified: Thu, 30 Jun 2022 21:55:39 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-id: pC559f6WuwhzMFag2A2euxhDeHzgyfsV6BVg0KVl-wI2tAAx5zH5hA==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html Show response
js.stripe.com/v3/ Frame 6EFB 807 B
2 KB 24ms
23ms Document
text/html 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b13e67e8166c7089a323aeb0d4c7bb3772f4edece8f9451ab5c95c445768ab65

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mesopinions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2225
cache-control: max-age=31536000
content-length: 807
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 08:59:17 GMT
etag: "edf207c4be501cb2d1a7c362b7e15c9e"
last-modified: Thu, 30 Jun 2022 21:55:30 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-id: XMNKEGEmLa_nB6qVHXp14L5aFCUUqSKmfr41jtCzC-J5Q1QFLOW9zA==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html Show response
js.stripe.com/v3/ Frame 3A59 807 B
2 KB 25ms
23ms Document
text/html 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b13e67e8166c7089a323aeb0d4c7bb3772f4edece8f9451ab5c95c445768ab65

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mesopinions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2225
cache-control: max-age=31536000
content-length: 807
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 08:59:36 GMT
etag: "edf207c4be501cb2d1a7c362b7e15c9e"
last-modified: Thu, 30 Jun 2022 21:55:30 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-id: 1Jjk_uNoU55lV8LDj-_25aZoMpiQAqWxyVe-BUU1vMaOSonwAfvM9w==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html Show response
js.stripe.com/v3/ Frame 1059 807 B
2 KB 24ms
24ms Document
text/html 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b13e67e8166c7089a323aeb0d4c7bb3772f4edece8f9451ab5c95c445768ab65

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mesopinions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2225
cache-control: max-age=31536000
content-length: 807
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 08:59:36 GMT
etag: "edf207c4be501cb2d1a7c362b7e15c9e"
last-modified: Thu, 30 Jun 2022 21:55:30 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-id: BJzpIaybUowzpYe4AhjHMH1trUgaJqc8dvI46UN2r4vQRRF6KMqFog==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame D322 369 KB
151 KB 316ms
316ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=pay&style.layout=vertical&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.320&components.0=buttons&locale.lang=fr&locale.country=FR&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhVZl9DcVQtQVBmYWJTalpRSWJIQmRnRnRoNWV5WnBiSWR1TlBDUHBtc3hEcHBVeXdRT0h3c05TblRlcUI2bTlsTGtjMUU1TEdhRFdTdmsmY3VycmVuY3k9RVVSJmxvY2FsZT1mcl9GUiZkaXNhYmxlLWZ1bmRpbmc9Y3JlZGl0LGNhcmQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF90anJqbmxweGJrc2Roc29pc21haWduaGlxZXdyZmkifX0&clientID=AXUf_CqT-APfabSjZQIbHBdgFth5eyZpbIduNPCPpmsxDppUywQOHwsNSnTeqB6m9lLkc1E5LGaDWSvk&sdkCorrelationID=f528264b70f5a&storageID=uid_d3ab2bfa85_mdk6mzy6mji&sessionID=uid_21a5aeb049_mdk6mzy6mji&buttonSessionID=uid_7184fb25fb_mdk6mzy6mji&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e5f958d243e4873516c80f8c428c1f8bf0e11ecae6b8c1c7a5e526aacda61124

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mesopinions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 09:36:22 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/W/"5c3b9-9nrXDAzO+bl2wmsfWDkt+w5k2Ag"
p3p: true
paypal-debug-id: f7288204a21b9
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f7288204a21b9-4792c004cd03cf5e-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-lhr7333-LHR, cache-cdg20747-CDG
x-timer: S1656668183.671614,VS0,VE298
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 4DA3 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 csp-report
q.stripe.com/ Frame 0840 0
571 B 507ms
162ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9484 0
570 B 643ms
321ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 257A 0
570 B 640ms
322ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E072 0
570 B 637ms
323ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6EFB 0
570 B 634ms
324ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3A59 0
570 B 630ms
325ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1059 0
570 B 625ms
324ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1006 B
2 KB 214ms
214ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5d710efe022f6d2104908e5b53877317be039d4944eb1476a73fb811b5de50ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.mesopinions.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f72882040a867
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7340-LHR, cache-cdg20765-CDG
traceparent: 00-0000000000000000000f72882040a867-2f96472a12cccfa7-01
x-timer: S1656668183.986622,VS0,VE196
etag: W/W/"3ee-6ViGKfJuX/iPupRWy9tqUirauWI"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mesopinions.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 243ms
200ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mesopinions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.mesopinions.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 01 Jul 2022 09:36:22 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f728820df0c8f
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f728820df0c8f-c01d2eb7720eba73-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-lhr7360-LHR, cache-cdg20765-CDG
x-timer: S1656668183.784676,VS0,VE182

GET
H2 200 m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0840 1 KB
1 KB 25ms
24ms Script
application/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 45
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:35:37 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 18:43:57 GMT
server: Cloudfront
etag: W/"77711798ecf99b8bb8207cf88a10d73c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: gWYJqBHPIgfNlJKv0I38WrWxodqsSNZqajFcvNDd1cX4PWb_xqOzqA==

GET
H2 200 shared-56d4f640038c3436cd3a5f5c3e4d4a90.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9484 220 KB
55 KB 24ms
23ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-777bf61584e6bc6567b89535cff967f0.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

79574bd6db8bde391d42c8ddb7c47d6418bbfb06da69eab22a83461ede5dedbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/controller-777bf61584e6bc6567b89535cff967f0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 59
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:35:30 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 21:55:39 GMT
server: Cloudfront
etag: W/"e632e207c0d2d0cb53dd8c79c591b524"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: 5xjA_ev0E_5Si7ocPgZFUktGyQMI6cM1eD7K1D0Ms_Ifjjt9oe435Q==

GET
H2 200 controller-ba0210d482375ac3100138d6acb50e30.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9484 393 KB
96 KB 31ms
30ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-ba0210d482375ac3100138d6acb50e30.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-777bf61584e6bc6567b89535cff967f0.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

62b0f57b1e4d1c00b61bef370d6daaba40921293d7902e67a8926f637db7bea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/controller-777bf61584e6bc6567b89535cff967f0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 52
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:08 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 18:30:49 GMT
server: Cloudfront
etag: W/"0f7154a173b20df02d90a30fdf5840ce"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: 6SuTD4w7tfG_N2zapE3KU10l6YvNHVZVp0t87h_VogDkLylOnI6UCw==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 257A 95 KB
31 KB 161ms
63ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7ca3448902d53a7fbabb61cb03b01a18.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae8ab2b6e48fdef457c84b2b32b1e7a980579dfc50622ee62fcc515b68752399

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-H66TRw2TbFCHdZQMl-lrzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-H66TRw2TbFCHdZQMl-lrzg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-H66TRw2TbFCHdZQMl-lrzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-H66TRw2TbFCHdZQMl-lrzg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
expires: Fri, 01 Jul 2022 09:36:22 GMT

GET
H2 200 shared-56d4f640038c3436cd3a5f5c3e4d4a90.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 257A 220 KB
55 KB 54ms
44ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7ca3448902d53a7fbabb61cb03b01a18.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

79574bd6db8bde391d42c8ddb7c47d6418bbfb06da69eab22a83461ede5dedbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7ca3448902d53a7fbabb61cb03b01a18.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 59
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:35:30 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 21:55:39 GMT
server: Cloudfront
etag: W/"e632e207c0d2d0cb53dd8c79c591b524"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: B7Ll0jXJNbyH7oQwV1sEqtbk-aLO6SlbiCJQIFfZogyhS4qQg4rsbg==

GET
H2 200 payment-request-inner-google-pay-3490f99893a31f72004c913e494d1a51.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 257A 13 KB
5 KB 62ms
52ms Script
application/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-3490f99893a31f72004c913e494d1a51.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7ca3448902d53a7fbabb61cb03b01a18.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ff2d760b794858017b7290b971b5b8ef731828ad13c2004f2f2923b3fe902f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7ca3448902d53a7fbabb61cb03b01a18.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 27
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:35:56 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Wed, 15 Jun 2022 20:17:44 GMT
server: Cloudfront
etag: W/"9da7fffb4ad96dd4772b1c9428eb4d9c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: dnuV8d5QRJaR3fudD3CQX-62YGUf0XRu-4pEXHEJL6Fecs1b71S1Kg==

GET
H2 200 shared-56d4f640038c3436cd3a5f5c3e4d4a90.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E072 220 KB
55 KB 58ms
49ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-c26fae9d50fd2cd155cb83bec1234510.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

79574bd6db8bde391d42c8ddb7c47d6418bbfb06da69eab22a83461ede5dedbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-c26fae9d50fd2cd155cb83bec1234510.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 59
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:35:30 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 21:55:39 GMT
server: Cloudfront
etag: W/"e632e207c0d2d0cb53dd8c79c591b524"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: jRdwsZaDEnV1ONW8LFpxnCkAcVX06N922M60qYbHTlrCwc_uIJee9g==

GET
H2 200 payment-request-inner-browser-140da140a3ac4af1b9731835feb14a13.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E072 11 KB
4 KB 63ms
54ms Script
application/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-140da140a3ac4af1b9731835feb14a13.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-c26fae9d50fd2cd155cb83bec1234510.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1546b7a39d69b50076752f2ea5396dc785a9f298f3904c934d86438b8e186694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-c26fae9d50fd2cd155cb83bec1234510.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 55
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:22 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jun 2022 20:45:56 GMT
server: Cloudfront
etag: W/"491756a53d98f0421165d7d18e0cab76"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: cIqWMI6WmrCjXQbUWtaFGqvf4e7MfPZF3apXnLIYjDPfDe24kz7Vsw==

GET
H2 200 ui-shared-dcc7704820e24909c78df35eed5aea96.css
js.stripe.com/v3/fingerprinted/css/ Frame 6EFB 18 KB
3 KB 67ms
58ms Stylesheet
text/css 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-dcc7704820e24909c78df35eed5aea96.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

49f542f6b15c29f0dad8a9982664eac92652cd51da8e8592f8ecbaa7a3dff9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 19
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:04 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 18:43:48 GMT
server: Cloudfront
etag: W/"d8a33a9503618fb1361fd34772563167"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: q6CYPi8vyJUOtqm8QvavyUKjEPKz_2S2BfYYl8wLkksekYW9KcZP8Q==

GET
H2 200 elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
js.stripe.com/v3/fingerprinted/css/ Frame 6EFB 5 KB
1 KB 70ms
61ms Stylesheet
text/css 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 1
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:22 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Cloudfront
etag: W/"0de3030d19b9e3517790795cb6ccc87d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: Nj4GI4kpFZUUmLyEBLa6iVzCIAGKaEfavY9FxDcHpF66lGBz00OGaQ==

GET
H2 200 shared-56d4f640038c3436cd3a5f5c3e4d4a90.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6EFB 220 KB
55 KB 78ms
70ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

79574bd6db8bde391d42c8ddb7c47d6418bbfb06da69eab22a83461ede5dedbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 59
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:35:30 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 21:55:39 GMT
server: Cloudfront
etag: W/"e632e207c0d2d0cb53dd8c79c591b524"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: YepjSLh3uMOzRV5L5k32k8cXyHGQgoaPUgqv_hX8TaUFkk9SvKy6Aw==

GET
H2 200 ui-shared-f2f3262403983e86033b06bdc141a86d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6EFB 214 KB
62 KB 84ms
77ms Script
application/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-f2f3262403983e86033b06bdc141a86d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

82712a438d9a97e1c8c96fe11a28d4763ae4eb7a23c7dc42d00acf945626a48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 33
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:35:49 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jun 2022 20:45:55 GMT
server: Cloudfront
etag: W/"d240953d161a0828bb3382bc38e9b5ef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: kQIoSyXlpLgM0VIV7yrP1XX-5U32noAh6TBSZQvT6jN6PZ5LFRxlOQ==

GET
H2 200 elements-inner-card-7e85bdf180fea99bc0727eace70b27ff.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6EFB 47 KB
12 KB 93ms
85ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-7e85bdf180fea99bc0727eace70b27ff.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f3d34ebe45c4eab8003570efb69d662fabf6acc382005c1515a01ecd231435ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 15
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:08 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Wed, 29 Jun 2022 22:13:02 GMT
server: Cloudfront
etag: W/"2302f1963b6fcc41e117ce853a0e8858"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: -LU7C0mGG4GbwO7hdIdzcI0VKAbXccU9dMT2MS-MNtiuOeRk18k7Rw==

GET
H2 200 ui-shared-dcc7704820e24909c78df35eed5aea96.css
js.stripe.com/v3/fingerprinted/css/ Frame 3A59 18 KB
3 KB 69ms
62ms Stylesheet
text/css 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-dcc7704820e24909c78df35eed5aea96.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

49f542f6b15c29f0dad8a9982664eac92652cd51da8e8592f8ecbaa7a3dff9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 19
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:04 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 18:43:48 GMT
server: Cloudfront
etag: W/"d8a33a9503618fb1361fd34772563167"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: FKS8IS7ZmF8er2qajRFmn64Wid0wCRvRFS7lpKPEvZfMmhnliDaSgw==

GET
H2 200 elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
js.stripe.com/v3/fingerprinted/css/ Frame 3A59 5 KB
1 KB 71ms
64ms Stylesheet
text/css 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 1
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:22 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Cloudfront
etag: W/"0de3030d19b9e3517790795cb6ccc87d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: GGbWRrHqYOOms5t4gg3BFAsug0orEspgWo-RjyiNUZvl2VA8fqK17g==

GET
H2 200 shared-56d4f640038c3436cd3a5f5c3e4d4a90.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3A59 220 KB
55 KB 89ms
83ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

79574bd6db8bde391d42c8ddb7c47d6418bbfb06da69eab22a83461ede5dedbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 59
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:35:30 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 21:55:39 GMT
server: Cloudfront
etag: W/"e632e207c0d2d0cb53dd8c79c591b524"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: DB5KjsUMmrTMLbiI9V9bNmkDAvpxA7mEApCvGgeCpUTaXfcEGqdZ_A==

GET
H2 200 ui-shared-f2f3262403983e86033b06bdc141a86d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3A59 214 KB
62 KB 95ms
89ms Script
application/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-f2f3262403983e86033b06bdc141a86d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

82712a438d9a97e1c8c96fe11a28d4763ae4eb7a23c7dc42d00acf945626a48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 33
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:35:49 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jun 2022 20:45:55 GMT
server: Cloudfront
etag: W/"d240953d161a0828bb3382bc38e9b5ef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: jVO1rdTyV7CXAjgnK_VvwycVy--ytvp1zrbc9ZmGZ4Htl8YJuEl5sQ==

GET
H2 200 elements-inner-card-7e85bdf180fea99bc0727eace70b27ff.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3A59 47 KB
12 KB 97ms
91ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-7e85bdf180fea99bc0727eace70b27ff.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f3d34ebe45c4eab8003570efb69d662fabf6acc382005c1515a01ecd231435ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 15
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:08 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Wed, 29 Jun 2022 22:13:02 GMT
server: Cloudfront
etag: W/"2302f1963b6fcc41e117ce853a0e8858"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: NPQbszt7Z3GdzIwi_WQkmJrzzhx_ErKoxG171NjTUGA_egIKJebSGw==

GET
H2 200 ui-shared-dcc7704820e24909c78df35eed5aea96.css
js.stripe.com/v3/fingerprinted/css/ Frame 1059 18 KB
3 KB 70ms
65ms Stylesheet
text/css 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-dcc7704820e24909c78df35eed5aea96.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

49f542f6b15c29f0dad8a9982664eac92652cd51da8e8592f8ecbaa7a3dff9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 19
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:04 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 18:43:48 GMT
server: Cloudfront
etag: W/"d8a33a9503618fb1361fd34772563167"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: rGdg6u6b-x8VaHcSaqY2RtwpT79YYhAW4t-6nOwboHLpPClI-9rQfA==

GET
H2 200 elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
js.stripe.com/v3/fingerprinted/css/ Frame 1059 5 KB
1 KB 75ms
69ms Stylesheet
text/css 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 1
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:22 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Cloudfront
etag: W/"0de3030d19b9e3517790795cb6ccc87d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: 58uCh45xdB5XdWLkR296_5le1hkJyJ_Ey_FgHIhiB6-tDmDAUUXzLg==

GET
H2 200 shared-56d4f640038c3436cd3a5f5c3e4d4a90.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1059 220 KB
55 KB 91ms
86ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

79574bd6db8bde391d42c8ddb7c47d6418bbfb06da69eab22a83461ede5dedbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 59
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:35:30 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 21:55:39 GMT
server: Cloudfront
etag: W/"e632e207c0d2d0cb53dd8c79c591b524"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: 5KPfhBoCXmDwOaBtkPkbYtYkFM6GHEaS0d5WdnswNN4j9mkUCQ4JwA==

GET
H2 200 ui-shared-f2f3262403983e86033b06bdc141a86d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1059 214 KB
62 KB 98ms
93ms Script
application/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-f2f3262403983e86033b06bdc141a86d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

82712a438d9a97e1c8c96fe11a28d4763ae4eb7a23c7dc42d00acf945626a48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 33
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:35:49 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jun 2022 20:45:55 GMT
server: Cloudfront
etag: W/"d240953d161a0828bb3382bc38e9b5ef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: ip3gJSJREx7ZTSYFbrkXu94SD06TY_R3-1TRwS12q0CuFRYvUJnbzA==

GET
H2 200 elements-inner-card-7e85bdf180fea99bc0727eace70b27ff.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1059 47 KB
12 KB 100ms
95ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-7e85bdf180fea99bc0727eace70b27ff.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f3d34ebe45c4eab8003570efb69d662fabf6acc382005c1515a01ecd231435ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-edf207c4be501cb2d1a7c362b7e15c9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 15
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:08 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Wed, 29 Jun 2022 22:13:02 GMT
server: Cloudfront
etag: W/"2302f1963b6fcc41e117ce853a0e8858"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: RfQWEdBBp5QM7KhNjH52LaONVX4YPhy6cdbSMCrPCq-YAXFVK2b_tA==

GET
H3 200 sdk.js Show response
connect.facebook.net/fr_FR/ 300 KB
86 KB 76ms
48ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js?hash=88239210678fa92a2958f747699feeb3

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef494abdb60074890135fd4524fe6c76cffa2f9ed7d88eb5013ca0025fab1b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.mesopinions.com/
Origin: https://www.mesopinions.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LK2CdA566Kv+ZHrnJagt6g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87568
x-fb-rlafr: 0
x-fb-debug: b27rQ33r11b5MevlvwTj/6woTYHKaROIz67HgQEEE4SGazoj8r7sLe7Oq8DjttK2yszUzutlfS4GbbCm7Du/3A==
x-fb-content-md5: 74d01392d0d96850c8526f7ff73fe726
x-frame-options: DENY
date: Fri, 01 Jul 2022 09:36:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f26b31ed47cdaf13ae67e2c8e968ee3b"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jul 2023 07:44:10 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 76ms
29ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 08:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3153
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jul 2022 09:43:49 GMT

GET
H2 200 17448704 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 178ms
108ms Script
application/x-javascript 2620:1ec:27::cafe:1501
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/17448704
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/17448704.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1501 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 036ba09356e3cf845bc227a41d82f1408e9cdfcf047db5ec2fe4258863234c9e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
x-powered-by: ASP.NET
x-azure-ref: 0FsC+YgAAAABREad3y/SvQqNZxtNj8O9VQlJVMzBFREdFMDQxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
350 B 66ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RV2VNB9SQ6&gtm=2oe6t0&_p=123642596&_z=ccd.v9B&cid=581912871.1656668183&ul=en-us&sr=1600x1200&_s=1&sid=1656668182&sct=1&seg=0&dl=https%3A%2F%2Fwww.mesopinions.com%2Fpetition%2Fnature-environnement%2Fdeuxieme-quinquennat-temps-action%2F181572%2Fsoutenir&dt=Booster%20la%20diffusion%20de%20la%20p%C3%A9tition%20%3A%20Le%20deuxi%C3%A8me%20quinquennat%2C%20le%20temps%20de%20l%27action%20!&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RV2VNB9SQ6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 09:36:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mesopinions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 105ms
45ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976293053&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Jul 2022 09:36:22 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 708F 930 B
2 KB 107ms
23ms Document
text/html 13.224.189.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-45.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 73
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 09:35:21 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-id: X-cSC4OZ9LiERIwKbzP8qKoC5baSrgGjnRIEpDzLU6DYazopfYfv8g==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 444ms
292ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 23ms
22ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=123642596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mesopinions.com%2Fpetition%2Fnature-environnement%2Fdeuxieme-quinquennat-temps-action%2F181572%2Fsoutenir&ul=en-us&de=UTF-8&dt=Booster%20la%20diffusion%20de%20la%20p%C3%A9tition%20%3A%20Le%20deuxi%C3%A8me%20quinquennat%2C%20le%20temps%20de%20l%27action%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAAC~&jid=1524603839&gjid=1818091295&cid=581912871.1656668183&tid=UA-1781857-2&_gid=1473056019.1656668183&_r=1&gtm=2wg6t0KVML24Z&cd1=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&z=412660863

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mesopinions.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 09:36:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mesopinions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 22ms
22ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=123642596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mesopinions.com%2Fpetition%2Fnature-environnement%2Fdeuxieme-quinquennat-temps-action%2F181572%2Fsoutenir&ul=en-us&de=UTF-8&dt=Booster%20la%20diffusion%20de%20la%20p%C3%A9tition%20%3A%20Le%20deuxi%C3%A8me%20quinquennat%2C%20le%20temps%20de%20l%27action%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUAjAAAAAC~&jid=902888274&gjid=436659884&cid=581912871.1656668183&tid=UA-1781857-1&_gid=1473056019.1656668183&_r=1&gtm=2ou6t0&z=117845151

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mesopinions.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 09:36:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mesopinions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 452ms
451ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 448ms
448ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 451ms
451ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 449ms
449ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 443ms
443ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 285ms
285ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 443ms
443ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 445ms
444ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 444ms
444ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 443ms
443ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 438ms
438ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 440ms
439ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 439ms
439ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 442ms
442ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 441ms
440ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 441ms
441ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 439ms
439ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame 708F 0
344 B 432ms
432ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 09:36:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 419ms
419ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 51ms
26ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1737315313006946&ev=fb_page_view&dl=https%3A%2F%2Fwww.mesopinions.com%2Fpetition%2Fnature-environnement%2Fdeuxieme-quinquennat-temps-action%2F181572%2Fsoutenir%23main-block&rl=&if=false&ts=1656668183096&sw=1600&sh=1200&at=

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 01 Jul 2022 09:36:23 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame D322 300 KB
90 KB 27ms
26ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AXUf_CqT-APfabSjZQIbHBdgFth5eyZpbIduNPCPpmsxDppUywQOHwsNSnTeqB6m9lLkc1E5LGaDWSvk&currency=EUR&locale=fr_FR&disable-funding=credit,card

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=pay&style.layout=vertical&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.320&components.0=buttons&locale.lang=fr&locale.country=FR&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhVZl9DcVQtQVBmYWJTalpRSWJIQmRnRnRoNWV5WnBiSWR1TlBDUHBtc3hEcHBVeXdRT0h3c05TblRlcUI2bTlsTGtjMUU1TEdhRFdTdmsmY3VycmVuY3k9RVVSJmxvY2FsZT1mcl9GUiZkaXNhYmxlLWZ1bmRpbmc9Y3JlZGl0LGNhcmQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF90anJqbmxweGJrc2Roc29pc21haWduaGlxZXdyZmkifX0&clientID=AXUf_CqT-APfabSjZQIbHBdgFth5eyZpbIduNPCPpmsxDppUywQOHwsNSnTeqB6m9lLkc1E5LGaDWSvk&sdkCorrelationID=f528264b70f5a&storageID=uid_d3ab2bfa85_mdk6mzy6mji&sessionID=uid_21a5aeb049_mdk6mzy6mji&buttonSessionID=uid_7184fb25fb_mdk6mzy6mji&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f66b57a92a9dbb1d4e44b5ba1cbd5a7f99088ad126d946bffa1acdd92ddda907

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-NXpDzx1M47KZGi/XWynTAIQcWSe9BVcIIo+jUlAETkcSNYzd' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-NXpDzx1M47KZGi/XWynTAIQcWSe9BVcIIo+jUlAETkcSNYzd' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.label=pay&style.layout=vertical&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.320&components.0=buttons&locale.lang=fr&locale.country=FR&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhVZl9DcVQtQVBmYWJTalpRSWJIQmRnRnRoNWV5WnBiSWR1TlBDUHBtc3hEcHBVeXdRT0h3c05TblRlcUI2bTlsTGtjMUU1TEdhRFdTdmsmY3VycmVuY3k9RVVSJmxvY2FsZT1mcl9GUiZkaXNhYmxlLWZ1bmRpbmc9Y3JlZGl0LGNhcmQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF90anJqbmxweGJrc2Roc29pc21haWduaGlxZXdyZmkifX0&clientID=AXUf_CqT-APfabSjZQIbHBdgFth5eyZpbIduNPCPpmsxDppUywQOHwsNSnTeqB6m9lLkc1E5LGaDWSvk&sdkCorrelationID=f528264b70f5a&storageID=uid_d3ab2bfa85_mdk6mzy6mji&sessionID=uid_21a5aeb049_mdk6mzy6mji&buttonSessionID=uid_7184fb25fb_mdk6mzy6mji&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-NXpDzx1M47KZGi/XWynTAIQcWSe9BVcIIo+jUlAETkcSNYzd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-NXpDzx1M47KZGi/XWynTAIQcWSe9BVcIIo+jUlAETkcSNYzd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 10159
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
p3p: true
paypal-debug-id: f839939534f46
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 91375
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7373-LHR, cache-cdg20747-CDG
traceparent: 00-0000000000000000000f839939534f46-d72e287c6249cb3f-01
x-timer: S1656668183.134690,VS0,VE1
x-frame-options: SAMEORIGIN
date: Fri, 01 Jul 2022 09:36:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"164ef-qwW/FSCfCZMhm/1pWHTlRL4CKbk"
accept-ranges: bytes
x-cache-hits: 0, 436

POST
H3 200 / Show response
www.facebook.com/tr/ Frame FC8A 0
15 B 24ms
23ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.mesopinions.com
Referer: https://www.mesopinions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.mesopinions.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 01 Jul 2022 09:36:23 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.34/ 53 KB
23 KB 116ms
116ms Script
application/javascript 2620:1ec:27::cafe:1501
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/17448704
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1501 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:22 GMT
content-encoding: br
etag: "1d88bc3d8d26054"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0F8C+YgAAAAAvF8Gm1rKUTJj2zR3xc7e8QlJVMzBFREdFMDQxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/976293053/ 3 KB
2 KB 108ms
38ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976293053/?random=1656668183134&cv=9&fst=1656668183134&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mesopinions.com%2Fpetition%2Fnature-environnement%2Fdeuxieme-quinquennat-temps-action%2F181572%2Fsoutenir&tiba=Booster%20la%20diffusion%20de%20la%20p%C3%A9tition%20%3A%20Le%20deuxi%C3%A8me%20quinquennat%2C%20le%20temps%20de%20l%27action%20!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffa3618e25fb06185f55a1354128b16a1e35490f3e0986cbc494c93566a9d161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 09:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1135
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 0666 18 KB
7 KB 118ms
71ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0425b5c514dfc4f88748cf0f2966b2891250777e7917a6b5eb4b7c2f64209e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uRa2Vud7JU8QcPMgSUNGKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-uRa2Vud7JU8QcPMgSUNGKQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uRa2Vud7JU8QcPMgSUNGKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-uRa2Vud7JU8QcPMgSUNGKQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 01 Jul 2022 09:36:23 GMT
expires: Fri, 01 Jul 2022 09:36:23 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 708F 86 KB
14 KB 27ms
26ms Script
text/javascript 13.224.189.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-45.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
age: 289
date: Fri, 01 Jul 2022 09:31:34 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: wCzNXyN2NIcWjpaxEQYhHbinjnIauqinEUuGhhQ_tA3vZqRK9CTUXw==
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 369ms
363ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 367ms
362ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
DATA 200
OK truncated
/ Frame D322 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 362ms
361ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 360ms
359ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 357ms
357ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 355ms
354ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 352ms
351ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 346ms
343ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 347ms
345ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 0666 2 KB
2 KB 22ms
22ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir?utm_source=eml&utm_medium=speedo&utm_campaign=one_clic&utm_term=01072022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 200 6 Show response
m.stripe.com/ Frame 708F 156 B
523 B 509ms
170ms XHR
application/json 54.201.229.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.229.78 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-229-78.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4edc5dc31adac16db61e46427f9266ce83cfd1538ebef57a4b6d11188b6047f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/am=A4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrj... Frame 0666 151 KB
53 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/am=A4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjHzfkAQ0zn6iVLAFL7dVhwuYgriA/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d2a22ac292f6355d71b9c2fff414ed3365497d3d020fa3262bf2eb20aeb564c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 16:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53969
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 07:29:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 16:22:03 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/976293053/ 42 B
548 B 135ms
74ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/976293053/?random=1656668183134&cv=9&fst=1656666000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mesopinions.com%2Fpetition%2Fnature-environnement%2Fdeuxieme-quinquennat-temps-action%2F181572%2Fsoutenir&tiba=Booster%20la%20diffusion%20de%20la%20p%C3%A9tition%20%3A%20Le%20deuxi%C3%A8me%20quinquennat%2C%20le%20temps%20de%20l%27action%20!&async=1&fmt=3&is_vtc=1&random=1995242111&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 09:36:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fr/pagead/1p-user-list/976293053/ 42 B
548 B 97ms
36ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-user-list/976293053/?random=1656668183134&cv=9&fst=1656666000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.mesopinions.com%2Fpetition%2Fnature-environnement%2Fdeuxieme-quinquennat-temps-action%2F181572%2Fsoutenir&tiba=Booster%20la%20diffusion%20de%20la%20p%C3%A9tition%20%3A%20Le%20deuxi%C3%A8me%20quinquennat%2C%20le%20temps%20de%20l%27action%20!&async=1&fmt=3&is_vtc=1&random=1995242111&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 09:36:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
178 B 413ms
206ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.mesopinions.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.mesopinions.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.j2a... Frame 0666 78 KB
28 KB 79ms
26ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.j2anM1Bb4ss.L.B1.O/am=A4A/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriFPirab8_IID8qukOQn4CHONjAAw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/am=A4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjHzfkAQ0zn6iVLAFL7dVhwuYgriA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a8b683bd93952dfc014b732c87140a889b1302e487fcf469dc3214213c51e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 16:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29060
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 01:28:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 16:22:06 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0666 49 KB
20 KB 18ms
18ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.j2anM1Bb4ss.L.B1.O/am=A4A/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriFPirab8_IID8qukOQn4CHONjAAw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4710
date: Fri, 01 Jul 2022 08:17:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 01 Jul 2022 10:17:53 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 0666 1 MB
348 KB 84ms
83ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/am=A4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjHzfkAQ0zn6iVLAFL7dVhwuYgriA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6482f2d58e2e8a5d1d594914ab5a6cf725f37799eb267a3bff15e4096a05d6f4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EfVCKPiNqLQuwgx6wE-g9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-EfVCKPiNqLQuwgx6wE-g9g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Fri, 01 Jul 2022 09:36:23 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-EfVCKPiNqLQuwgx6wE-g9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-EfVCKPiNqLQuwgx6wE-g9g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Fri, 01 Jul 2022 09:36:23 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0666 131 B
155 B 104ms
46ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/am=A4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjHzfkAQ0zn6iVLAFL7dVhwuYgriA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 01 Jul 2022 09:36:23 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 101ms
31ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 01 Jul 2022 09:36:23 GMT
expires: Fri, 01 Jul 2022 09:36:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 0666 131 B
155 B 96ms
40ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/am=A4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjHzfkAQ0zn6iVLAFL7dVhwuYgriA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 01 Jul 2022 09:36:23 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 96ms
32ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 01 Jul 2022 09:36:23 GMT
expires: Fri, 01 Jul 2022 09:36:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 0666 131 B
155 B 92ms
39ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/am=A4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjHzfkAQ0zn6iVLAFL7dVhwuYgriA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 01 Jul 2022 09:36:23 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 95ms
34ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 01 Jul 2022 09:36:23 GMT
expires: Fri, 01 Jul 2022 09:36:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 0666 131 B
155 B 90ms
36ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/am=A4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjHzfkAQ0zn6iVLAFL7dVhwuYgriA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 01 Jul 2022 09:36:23 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 90ms
33ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 01 Jul 2022 09:36:23 GMT
expires: Fri, 01 Jul 2022 09:36:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 0666 131 B
155 B 88ms
35ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/am=A4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjHzfkAQ0zn6iVLAFL7dVhwuYgriA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 01 Jul 2022 09:36:23 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 88ms
34ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 01 Jul 2022 09:36:23 GMT
expires: Fri, 01 Jul 2022 09:36:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.j2a... Frame 0666 18 KB
7 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.j2anM1Bb4ss.L.B1.O/am=A4A/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriFPirab8_IID8qukOQn4CHONjAAw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/am=A4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjHzfkAQ0zn6iVLAFL7dVhwuYgriA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb4016a43af457603ecb497df28a650e40508c27bd8331e972cf4a630f06f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 16:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7483
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 01:28:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 16:22:08 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.j2a... Frame 0666 37 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.j2anM1Bb4ss.L.B1.O/am=A4A/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriFPirab8_IID8qukOQn4CHONjAAw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/am=A4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjHzfkAQ0zn6iVLAFL7dVhwuYgriA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43351283a15ba13d9b56ed3d3fe75b1c105b1da04351862be1a3c47f48cebd89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 16:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14175
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 01:28:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 16:22:08 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame D322 56 KB
20 KB 120ms
19ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F59) /

Resource Hash

72c99b1de87499b425e697b2e0e0a8e4e36363506c68e08a7e8d5db555c1db43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574613
x-cache: HIT
paypal-debug-id: 753edb9b0dcf0
access-control-max-age: 86400
access-control-allow-methods: GET
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=2
dc: ccg11-origin-www-1.paypal.com
content-length: 19745
last-modified: Tue, 21 Jun 2022 22:04:47 GMT
server: ECAcc (paa/6F59)
etag: W/"62b2407f-e12a"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Jul 2022 09:36:23 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0666 131 B
155 B 96ms
43ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/am=A4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjHzfkAQ0zn6iVLAFL7dVhwuYgriA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 01 Jul 2022 09:36:23 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 49ms
34ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 01 Jul 2022 09:36:23 GMT
expires: Fri, 01 Jul 2022 09:36:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 165ms
164ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 166ms
165ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 getInfoUser Show response
www.mesopinions.com/stripews/ 33 B
521 B 39ms
36ms XHR
application/json 2a0a:1580:2000:1c00::16
ODISO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mesopinions.com/stripews/getInfoUser

Requested by

Host: www.mesopinions.com
URL: https://www.mesopinions.com/public/js/jquery-3.4.1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:1580:2000:1c00::16 , France, ASN34993 (ODISO-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

b1f8161abd4643fbb3a80efc25238250e36912c8cef78c567d016e63fd60881f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.mesopinions.com/petition/nature-environnement/deuxieme-quinquennat-temps-action/181572/soutenir
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 09:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=600, private, must-revalidate
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
content-length: 53
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 164ms
164ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 168ms
168ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 elements-inner-payment-request-81883298fa115e41d6202b0a25e59db4.html Show response
js.stripe.com/v3/ Frame 0B02 829 B
2 KB 24ms
23ms Document
text/html 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-81883298fa115e41d6202b0a25e59db4.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

08606849b84af6de8fd3be7edd93f46c922fc7d7244a71a599e057c32b15b4aa

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mesopinions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1864
cache-control: max-age=31536000
content-length: 829
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 09:05:21 GMT
etag: "81883298fa115e41d6202b0a25e59db4"
last-modified: Thu, 30 Jun 2022 21:55:31 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-id: widvRf3bgfHmseJAxGd7v5kbJzSzBoBpBB00r-dW05OtFlB2cSbb_Q==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H3 200 log Show response
play.google.com/ Frame 0666 131 B
155 B 91ms
37ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.MnClL3quRXA.es5.O/am=A4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjHzfkAQ0zn6iVLAFL7dVhwuYgriA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 01 Jul 2022 09:36:23 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 167ms
166ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 270ms
269ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame 0B02 0
570 B 260ms
260ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 ui-shared-dcc7704820e24909c78df35eed5aea96.css
js.stripe.com/v3/fingerprinted/css/ Frame 0B02 18 KB
3 KB 26ms
24ms Stylesheet
text/css 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-dcc7704820e24909c78df35eed5aea96.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-81883298fa115e41d6202b0a25e59db4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

49f542f6b15c29f0dad8a9982664eac92652cd51da8e8592f8ecbaa7a3dff9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-81883298fa115e41d6202b0a25e59db4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 20
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:10 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 18:43:48 GMT
server: Cloudfront
etag: W/"d8a33a9503618fb1361fd34772563167"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: MT9Af7qY4mA2BB50bLZXMHZ7JU5RwNtNvQBpNeivpLAlotos1T6EZg==

GET
H2 200 elements-inner-payment-request-abd2b5dfc862df7687f0bde35b5d6f0f.css
js.stripe.com/v3/fingerprinted/css/ Frame 0B02 7 KB
2 KB 27ms
26ms Stylesheet
text/css 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-abd2b5dfc862df7687f0bde35b5d6f0f.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-81883298fa115e41d6202b0a25e59db4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

79bcb9949cc0712cc735cbd2777724653e11ce0dac3e93e03b237b94757d4bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-81883298fa115e41d6202b0a25e59db4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 6
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:17 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Cloudfront
etag: W/"306b18c070c36050e39ae6989acb2812"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: fEU0pIRq042GdxWss0Fu1_-gGPb3SYbzcKSMKZnzk3SasF79A_0uLg==

GET
H2 200 shared-56d4f640038c3436cd3a5f5c3e4d4a90.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0B02 220 KB
55 KB 28ms
27ms Script
text/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-81883298fa115e41d6202b0a25e59db4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

79574bd6db8bde391d42c8ddb7c47d6418bbfb06da69eab22a83461ede5dedbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-81883298fa115e41d6202b0a25e59db4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 59
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:23 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 21:55:39 GMT
server: Cloudfront
etag: W/"e632e207c0d2d0cb53dd8c79c591b524"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: 8KoiddXPsPbpX3eanCxO36QyxEk7A4U_p0oMlRfHYh2nBQhVvi4dzw==

GET
H2 200 ui-shared-f2f3262403983e86033b06bdc141a86d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0B02 214 KB
62 KB 35ms
34ms Script
application/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-f2f3262403983e86033b06bdc141a86d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-81883298fa115e41d6202b0a25e59db4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

82712a438d9a97e1c8c96fe11a28d4763ae4eb7a23c7dc42d00acf945626a48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-81883298fa115e41d6202b0a25e59db4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 34
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:23 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jun 2022 20:45:55 GMT
server: Cloudfront
etag: W/"d240953d161a0828bb3382bc38e9b5ef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: hnqbWpHBamt4JYBb2foMPOOD5lPAq2nwDa827xWlq-Ns93uMGO-F2w==

GET
H2 200 elements-inner-payment-request-fce7d4b4c5241d938a7f03da27a3a15d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0B02 44 KB
15 KB 27ms
27ms Script
application/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-fce7d4b4c5241d938a7f03da27a3a15d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-81883298fa115e41d6202b0a25e59db4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-103.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f02b35f51ecaa34fda2e0de1d0d2c98866334a23a68a0f88a79a0f62ecaf64a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-81883298fa115e41d6202b0a25e59db4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 6
x-cache: Hit from cloudfront
date: Fri, 01 Jul 2022 09:36:18 GMT
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 18:09:25 GMT
server: Cloudfront
etag: W/"79f644258f8eab79ee4e1897b67ba7ee"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: QiQ7mcpTpa-kq3PMHnl_9GJB4CPGzl3WErb9n9_trUMnwagD5cYFqw==

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame D322 1010 B
2 KB 220ms
219ms Ping
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0dba0dcd37d4395338e7f0b0724bef9f1d79546f0ee0739bd927b6a333565b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=pay&style.layout=vertical&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.320&components.0=buttons&locale.lang=fr&locale.country=FR&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhVZl9DcVQtQVBmYWJTalpRSWJIQmRnRnRoNWV5WnBiSWR1TlBDUHBtc3hEcHBVeXdRT0h3c05TblRlcUI2bTlsTGtjMUU1TEdhRFdTdmsmY3VycmVuY3k9RVVSJmxvY2FsZT1mcl9GUiZkaXNhYmxlLWZ1bmRpbmc9Y3JlZGl0LGNhcmQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF90anJqbmxweGJrc2Roc29pc21haWduaGlxZXdyZmkifX0&clientID=AXUf_CqT-APfabSjZQIbHBdgFth5eyZpbIduNPCPpmsxDppUywQOHwsNSnTeqB6m9lLkc1E5LGaDWSvk&sdkCorrelationID=f528264b70f5a&storageID=uid_d3ab2bfa85_mdk6mzy6mji&sessionID=uid_21a5aeb049_mdk6mzy6mji&buttonSessionID=uid_7184fb25fb_mdk6mzy6mji&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f1261724650d3
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7327-LHR, cache-cdg20747-CDG
traceparent: 00-0000000000000000000f1261724650d3-d161fe3cca4dd66a-01
x-timer: S1656668184.758455,VS0,VE198
etag: W/W/"3f2-oguM53RLpqz6aMHUi12OIzbGLbU"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame C288 160 B
1 KB 208ms
207ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F43) /

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: eab080c48f6d9
date: Fri, 01 Jul 2022 09:36:23 GMT
paypal-debug-id: eab080c48f6d9
server: ECAcc (frc/8F43)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=190
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000eab080c48f6d9-38894e8498a24781-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 1ADC
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_21a5aeb049_mdk6mzy6mji&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_21a5aeb049_mdk6mzy6mji&s=SMART_PAYMENT_BUTTONS

42 B
299 B

139ms
45ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_21a5aeb049_mdk6mzy6mji&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=pay&style.layout=vertical&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.320&components.0=buttons&locale.lang=fr&locale.country=FR&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhVZl9DcVQtQVBmYWJTalpRSWJIQmRnRnRoNWV5WnBiSWR1TlBDUHBtc3hEcHBVeXdRT0h3c05TblRlcUI2bTlsTGtjMUU1TEdhRFdTdmsmY3VycmVuY3k9RVVSJmxvY2FsZT1mcl9GUiZkaXNhYmxlLWZ1bmRpbmc9Y3JlZGl0LGNhcmQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF90anJqbmxweGJrc2Roc29pc21haWduaGlxZXdyZmkifX0&clientID=AXUf_CqT-APfabSjZQIbHBdgFth5eyZpbIduNPCPpmsxDppUywQOHwsNSnTeqB6m9lLkc1E5LGaDWSvk&sdkCorrelationID=f528264b70f5a&storageID=uid_d3ab2bfa85_mdk6mzy6mji&sessionID=uid_21a5aeb049_mdk6mzy6mji&buttonSessionID=uid_7184fb25fb_mdk6mzy6mji&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 01 Jul 2022 09:36:24 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_21a5aeb049_mdk6mzy6mji&s=SMART_PAYMENT_BUTTONS
Date: Fri, 01 Jul 2022 09:36:23 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 166ms
165ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 165ms
165ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 164ms
164ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame C288 56 KB
19 KB 19ms
19ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (paa/6F59) /

Resource Hash

72c99b1de87499b425e697b2e0e0a8e4e36363506c68e08a7e8d5db555c1db43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574614
x-cache: HIT
paypal-debug-id: 753edb9b0dcf0
access-control-max-age: 86400
access-control-allow-methods: GET
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=1
dc: ccg11-origin-www-1.paypal.com
content-length: 19745
last-modified: Tue, 21 Jun 2022 22:04:47 GMT
server: ECAcc (paa/6F59)
etag: W/"62b2407f-e12a"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Jul 2022 09:36:24 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=B8C86696424C406FBA8B6D1F74FE08FC&RedC=c.clarity.ms&MXFR=20086B26B71D64871B837AF2B31D6AB2
https://c.clarity.ms/c.gif?CtsSyncId=B8C86696424C406FBA8B6D1F74FE08FC&MUID=19F611AFA10760E01995007BA03261D6

42 B
367 B

32ms
32ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=B8C86696424C406FBA8B6D1F74FE08FC&MUID=19F611AFA10760E01995007BA03261D6
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.mesopinions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Jul 2022 09:36:23 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 01 Jul 2022 09:36:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE12D89C1A7A494695D053EEAADED8B3 Ref B: AMSEDGE1021 Ref C: 2022-07-01T09:36:24Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=B8C86696424C406FBA8B6D1F74FE08FC&MUID=19F611AFA10760E01995007BA03261D6
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 9484 0
127 B 166ms
165ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-56d4f640038c3436cd3a5f5c3e4d4a90.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 01 Jul 2022 09:36:24 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame C288 125 B
714 B 236ms
235ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F80) /

Resource Hash

3e3fc945e6c3a94880f333900593a87ba978a981565d812623bf63467887d5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Jul 2022 09:36:23 GMT
correlation-id: 46ecf6102526
content-type: application/json
server: ECAcc (frc/8F80)
traceparent: 00-0000000000000000000046ecf6102526-2d385ca8ebf9d2e5-01
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 46ecf6102526
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=218
timing-allow-origin: *
content-length: 125

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame C288 0
143 B 219ms
218ms XHR
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8EA8) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Jul 2022 09:36:24 GMT
correlation-id: 5cd9163588ca8
server: ECAcc (frc/8EA8)
traceparent: 00-00000000000000000005cd9163588ca8-4261e22061e83aea-01
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 5cd9163588ca8
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=201
timing-allow-origin: *

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame C288 0
402 B 285ms
203ms Image
text/plain 2a04:4e42:600::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_21a5aeb049_mdk6mzy6mji&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 09:36:24 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: 91e6d09f32108
traceparent: 00-000000000000000000091e6d09f32108-b89cc8f84ed02948-01
x-timer: S1656668184.206702,VS0,VE185
x-served-by: cache-lhr7338-LHR, cache-cdg20732-CDG
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: 91e6d09f32108
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame D322 1013 B
1 KB 193ms
192ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

95293730fcf31eadc44420fb8f600199a2553cef0f3f774ab33e6c934ed112ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.label=pay&style.layout=vertical&style.color=black&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.320&components.0=buttons&locale.lang=fr&locale.country=FR&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVhVZl9DcVQtQVBmYWJTalpRSWJIQmRnRnRoNWV5WnBiSWR1TlBDUHBtc3hEcHBVeXdRT0h3c05TblRlcUI2bTlsTGtjMUU1TEdhRFdTdmsmY3VycmVuY3k9RVVSJmxvY2FsZT1mcl9GUiZkaXNhYmxlLWZ1bmRpbmc9Y3JlZGl0LGNhcmQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF90anJqbmxweGJrc2Roc29pc21haWduaGlxZXdyZmkifX0&clientID=AXUf_CqT-APfabSjZQIbHBdgFth5eyZpbIduNPCPpmsxDppUywQOHwsNSnTeqB6m9lLkc1E5LGaDWSvk&sdkCorrelationID=f528264b70f5a&storageID=uid_d3ab2bfa85_mdk6mzy6mji&sessionID=uid_21a5aeb049_mdk6mzy6mji&buttonSessionID=uid_7184fb25fb_mdk6mzy6mji&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Fri, 01 Jul 2022 09:36:24 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f126172d6a295
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7339-LHR, cache-cdg20747-CDG
traceparent: 00-0000000000000000000f126172d6a295-da2fb8dd693ee177-01
x-timer: S1656668184.140726,VS0,VE174
etag: W/W/"3f5-/k7l0s+MP/lWEXC/BN0N6h7uue8"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1015 B
2 KB 195ms
195ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8aeff847445d439086673ecc5562081090c7950ea742ba2532b259ba9bdba465

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.mesopinions.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Fri, 01 Jul 2022 09:36:24 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f1261726f162c
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7325-LHR, cache-cdg20765-CDG
traceparent: 00-0000000000000000000f1261726f162c-0040ec1064bca272-01
x-timer: S1656668184.342169,VS0,VE177
etag: W/W/"3f7-yM1W2mt0ViPc3TY7oh4O3mCP8a0"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mesopinions.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 200ms
200ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mesopinions.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.mesopinions.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 01 Jul 2022 09:36:24 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f1261724b39da
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f1261724b39da-6a7f3af9dfe660f5-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-lhr6626-LHR, cache-cdg20765-CDG
x-timer: S1656668184.141223,VS0,VE182

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 102ms
102ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.mesopinions.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.mesopinions.com
date: Fri, 01 Jul 2022 09:36:24 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 200 6 Show response
m.stripe.com/ Frame 708F 156 B
522 B 169ms
169ms XHR
application/json 54.201.229.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.229.78 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-229-78.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4edc5dc31adac16db61e46427f9266ce83cfd1538ebef57a4b6d11188b6047f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Jul 2022 09:36:27 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.mesopinions.com
URL: https://www.mesopinions.com/public/assets/logo.jpg

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
t.news.mesopinions.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: cydbyrzrko22a1jchcsivqso
t.news.mesopinions.com/	1969-12-31 23:59:59	Name: SERVERID Value: mindtrack4.odiso.net
www.mesopinions.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: afqu3ie0dnsijn99dqsvbjv0bv
www.mesopinions.com/	1970-01-20 06:20:44	Name: languser Value: fr_FR
www.mesopinions.com/	1970-01-20 12:56:44	Name: mesopinions Value: WsmSwAs9iwBNbkbpCvMqjATeUNc3NpmYw8yS%2BZ70KkU%3D
.bing.com/	1970-01-20 13:32:44	Name: MUID Value: 19F611AFA10760E01995007BA03261D6
.mesopinions.com/	1970-01-20 04:12:34	Name: _uetsid Value: 44c702e0f92111ecb96b25d21eb3e6e4
.mesopinions.com/	1970-01-20 13:32:44	Name: _uetvid Value: 44c79a40f92111ecac76ef825e4fff08
prz.mesopinions.com/	1970-01-20 12:57:05	Name: prZcook Value: 28a3eeee-e296-c335-4bff-9ab1019f4775
.mesopinions.com/	1970-01-20 06:20:44	Name: _fbp Value: fb.1.1656668182508.2041425906
.facebook.com/	1970-01-20 06:20:44	Name: fr Value: 0MMq5CB6qgFLrUhQ2..BivsAW...1.0.BivsAW.
.mesopinions.com/	1970-01-20 04:12:34	Name: _gid Value: GA1.2.1473056019.1656668183
.mesopinions.com/	1970-01-20 21:42:20	Name: _ga_RV2VNB9SQ6 Value: GS1.1.1656668182.1.0.1656668182.0
.mesopinions.com/	1970-01-20 06:20:44	Name: _gcl_au Value: 1.1.963634035.1656668183
.google.com/	1970-01-20 08:34:39	Name: NID Value: 511=qRsmy5H4NhuleSJJzYE9oly2GTS3Ie4G3Ft-ZdqYDX7ndSIYcddqJ2kCTEZkgI8uaEMQznjMoGe8pB3LX4Qgf-3YxvKO7wuozthKYesXa-DjI3DGqL-W_RP7DM-0V3i1WK-4NjSnOGpX2Lu3qlTEoGArbTe9n9mKITOiu3-xfdk
.mesopinions.com/	1970-01-20 04:11:08	Name: _gat_UA-1781857-2 Value: 1
.mesopinions.com/	1970-01-20 21:42:20	Name: _ga Value: GA1.2.581912871.1656668183
.mesopinions.com/	1970-01-20 04:11:08	Name: _gat_gtag_UA_1781857_1 Value: 1
www.clarity.ms/	1970-01-20 12:56:44	Name: CLID Value: d52ebb0e5f7340bb9d91faf02d7beb1f.20220701.20230701
.paypal.com/	1970-01-20 04:11:09	Name: l7_az Value: dcg13.slc
.paypal.com/	1970-01-21 06:27:56	Name: ts_c Value: vr%3Db91e58ec1810ad007320c54eff61071e%26vt%3Db91e58ec1810ad007320c54eff61071d
.doubleclick.net/	1970-01-20 04:11:09	Name: test_cookie Value: CheckForPermission
.mesopinions.com/	1970-01-20 12:56:44	Name: _clck Value: 1uuvivt\|1\|f2s\|0
m.stripe.com/	1970-01-20 21:42:20	Name: m Value: e8ffa16b-5d87-4885-8f74-1d5078dab0aafd7cf2
.mesopinions.com/	1970-01-20 04:12:34	Name: _clsk Value: 1f11k1n\|1656668183885\|1\|1\|b.clarity.ms/collect
.www.mesopinions.com/	1970-01-20 12:56:44	Name: __stripe_mid Value: 41bfbc2a-1417-4aa0-bcef-48e0afd374d369cc1f
.www.mesopinions.com/	1970-01-20 04:11:09	Name: __stripe_sid Value: 2cf0ee1c-104f-4183-b9d3-a32b33c2c6484b5570
.paypal.com/	1970-01-20 12:56:44	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 04:11:39	Name: LANG Value: fr_FR%3BFR
.paypal.com/	1970-01-20 04:15:27	Name: tsrce Value: loggernodeweb
.c.bing.com/	1970-01-20 13:32:44	Name: SRM_B Value: 19F611AFA10760E01995007BA03261D6
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:32:44	Name: MUID Value: 19F611AFA10760E01995007BA03261D6
.c.clarity.ms/	1970-01-20 04:11:08	Name: ANONCHK Value: 0
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY1NjY2ODE4NDI0MyIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-21 06:27:56	Name: ts Value: vreXpYrS%3D1751362584%26vteXpYrS%3D1656669984%26vr%3Db91e58ec1810ad007320c54eff61071e%26vt%3Db91e58ec1810ad007320c54eff61071d%26vtyp%3Dnew
.c.paypal.com/	1970-01-21 23:59:08	Name: sc_f Value: ZyCGOuK9f7c8Ie-I67pIWGlD3QZtAZKz0twuzs6pqG3fRaM9fM692NUH6EgpYa2qSyWirO_Lxv0NrZmFxuzXQvHkMGo6BJhUnCTaSG
.paypal.com/	1970-01-27 11:23:08	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: m0tl8JU92l9J_WVKFCg0CNjGR5a1n_8uOnQWPAM9bi18DFQMRawPzvKM2SodoxpZOqawpKc3_3aMdhPq

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.clarity.ms
b.stats.paypal.com
bat.bing.com
c.bing.com
c.clarity.ms
c.paypal.com
c6.paypal.com
cdnjs.cloudflare.com
connect.facebook.net
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
pay.google.com
play.google.com
prz.mesopinions.com
q.stripe.com
r.stripe.com
region1.google-analytics.com
t.news.mesopinions.com
t.paypal.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.mesopinions.com
www.paypal.com
www.mesopinions.com
108.138.7.103
13.224.189.45
142.250.185.98
151.101.129.21
151.101.129.35
185.151.189.219
192.229.221.25
20.234.93.27
20.75.32.255
2001:4860:4802:32::36
2001:4860:4802:36::178
2606:4700::6811:180e
2620:1ec:27::cafe:1501
2620:1ec:c11::200
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c00::5c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:600::291
2a0a:1580:2000:1c00::16
52.50.116.85
54.186.23.98
54.201.229.78
64.4.245.84
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
036ba09356e3cf845bc227a41d82f1408e9cdfcf047db5ec2fe4258863234c9e
08606849b84af6de8fd3be7edd93f46c922fc7d7244a71a599e057c32b15b4aa
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
0dba0dcd37d4395338e7f0b0724bef9f1d79546f0ee0739bd927b6a333565b7f
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1546b7a39d69b50076752f2ea5396dc785a9f298f3904c934d86438b8e186694
15b13b0320ca3644fe92d2f23e9fdd489c04bbae16d703be97b709c31f62d61f
1bb4016a43af457603ecb497df28a650e40508c27bd8331e972cf4a630f06f90
1e343a108b7f047f2bccb3f04141caf8361305b5580bbf733ab7b1a9521d7e3c
248fb02c675e464535cbdc8f9e0339b663d962258f8a1b1c0a81e00ef0e03e28
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
289ac96339e8c74805f1cb72959ce65000c005b9c1594b0e77aab57eb485abbd
28a9cc22e944e9b07f9d47e6d80ef30b5a70dc508069d72316984f39e3034f18
2d2a22ac292f6355d71b9c2fff414ed3365497d3d020fa3262bf2eb20aeb564c
35767d6d130c6ac84c50be5b059f3be70c00f258950203172acb7150adbaf2cf
3e3fc945e6c3a94880f333900593a87ba978a981565d812623bf63467887d5fc
3eb0b6ef22d4bf8ed3b3b4f90168da8fc8fe4b878f45d632cd0512afea90bbbc
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
43351283a15ba13d9b56ed3d3fe75b1c105b1da04351862be1a3c47f48cebd89
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
49f542f6b15c29f0dad8a9982664eac92652cd51da8e8592f8ecbaa7a3dff9ad
4a4f5b6ae3dc1891af601cab87fc40dd5c44a8d4a3dfed19662d6b92bbda496d
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4e5e65c76b990678e9e478ab2c87ead636567f30d09e55759ccdc3c070f29cd2
4edc5dc31adac16db61e46427f9266ce83cfd1538ebef57a4b6d11188b6047f8
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
594c171115de4ff46935fafd6f44b1b0c2c285ab99d4e523b5073cbd1c66508a
5d710efe022f6d2104908e5b53877317be039d4944eb1476a73fb811b5de50ed
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5ff958950b2d10985adf9382fdf36160fe318d7d35ed9e530cc39937a15c505f
62b0f57b1e4d1c00b61bef370d6daaba40921293d7902e67a8926f637db7bea2
6482f2d58e2e8a5d1d594914ab5a6cf725f37799eb267a3bff15e4096a05d6f4
68c586184af80acfa7a0ca567af95389feea582d4fa6a7732d12b46b09d80e52
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e34051cde5e5c2b3fc2859a7becf79ff0440512af55abe8df23d1b16fcc0429
72c99b1de87499b425e697b2e0e0a8e4e36363506c68e08a7e8d5db555c1db43
773d702a9bfefd054b0abe973537eaee2c89067adcefaf95000fe3021b863bb6
783de91271f9de2f414a4c46199e17c7d62c077a663b9f5b63b6d1ef5aeb764b
79574bd6db8bde391d42c8ddb7c47d6418bbfb06da69eab22a83461ede5dedbb
79bcb9949cc0712cc735cbd2777724653e11ce0dac3e93e03b237b94757d4bf0
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
825bcade67052cde99899ccc90782226d1c1baab39244f26884dae084e7fc021
82712a438d9a97e1c8c96fe11a28d4763ae4eb7a23c7dc42d00acf945626a48a
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1
8abb289bfb154a30d2152910e389523598813649d268405b5f1cf04babef81e6
8aeff847445d439086673ecc5562081090c7950ea742ba2532b259ba9bdba465
92d9b46ae81bd562f0c5c428c3235954f38f290027f9399315fa5ac4d1867676
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
95293730fcf31eadc44420fb8f600199a2553cef0f3f774ab33e6c934ed112ca
998f2977326092ee03bb084e89d5a8d0774894407e6fd7e4887c95e0697f9cbd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a8b683bd93952dfc014b732c87140a889b1302e487fcf469dc3214213c51e0f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ae1b1e05465460ea1e2f18cca19a232960e756e867d3063a335e5ed4f7f3018b
ae8ab2b6e48fdef457c84b2b32b1e7a980579dfc50622ee62fcc515b68752399
aec43af35782cd2b4e3f64111e22a47401f7a2c85c8c47878eb4cad31626043a
b13e67e8166c7089a323aeb0d4c7bb3772f4edece8f9451ab5c95c445768ab65
b1f8161abd4643fbb3a80efc25238250e36912c8cef78c567d016e63fd60881f
b32de33f3f337514e84bfdbd862151bf83ab68b5e09962c1f6280a941e25c1fd
b7e49a3d1da074b2b9a1a526b701987315f050a3a121fe66a3cdb3ab96f564bb
badac3c29f0e4f70f137d5766ba5a9d3c74f1e8f018cd7d98db00c884e9240ad
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd283f62d63480d92f3fb93eb45078ec16b22568b27da1e14401490226b6ff7b
bdf20b59e444d54bdf65bc6baf255ad51a76337b7c2fb0806c4f688b05c0b0e4
bdf751bb85cef72d7ccfdc8e5492c76aece1cbda1fe0c0ad11bd6e65e6661436
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
d015e1b7689128fe70e60957c94abedc6592c7a1a37d7811fd0c14384f79407b
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
d490dc01b594b99a0c49cfb34f23f89d7a450e66b40c41d3f2e89a413c31911a
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d731c357433b32f38555d25a1c7f516f21b6df446bbdaeeb05e6ce6d5adaca02
e0425b5c514dfc4f88748cf0f2966b2891250777e7917a6b5eb4b7c2f64209e9
e0fce30c6314974d486943a628358da525bc02fbd8226716e680366067cb40f9
e1e368229204f18301bbc1fb8bf1bf3bab9493643319127a1d4bdaad16fcd682
e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f
e24bf6081cd3ac2ea239adbff6e1780495712a8830a0b38bdec212b195b5196b
e26478c169e62cf2e6a7a908c2e7e8a7a02cb977c233765c70b15b62e949c534
e36955966aaf0d415f1245a06cf4f131226b7eed886f2360cf548acfa69d12ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e488b9b42d4ddeef06309ae3bcf87357d07100b66dd498a5bd6e6a496f02060f
e4ca73df6ee4216851a57fdd72541d16e1c2cb15a343548241ba997111bbe2b3
e5f958d243e4873516c80f8c428c1f8bf0e11ecae6b8c1c7a5e526aacda61124
e72deae400013e9f9159c9c194c5366240f728bcb9c1a57d52307aea1ad08563
eae22784f13f727ab7a7f589e69f57e624c99917dab11992af3fd41e986a10de
ec362c92858ef3c380f847c20df9f01ccd961e0c8433767f43cdf479274ff96a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef494abdb60074890135fd4524fe6c76cffa2f9ed7d88eb5013ca0025fab1b68
f02096822230b7c80c83da7fad06310a02fab1b66374520892ec238442abaa42
f02b35f51ecaa34fda2e0de1d0d2c98866334a23a68a0f88a79a0f62ecaf64a6
f0401cc8fdae2285fea0ee0e742a1b119206b1cf1979b25027e9c04ce0b9d334
f2f69706ff7a11db5c20845694ae34621935c5b342b8b16bfb2e54d93f212ab0
f3d34ebe45c4eab8003570efb69d662fabf6acc382005c1515a01ecd231435ab
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f66b57a92a9dbb1d4e44b5ba1cbd5a7f99088ad126d946bffa1acdd92ddda907
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
fed675a1b9aca9e3d05aa38163c39a0b218e637ee1466bc9d8a806ae1f6bd5ee
ff2d760b794858017b7290b971b5b8ef731828ad13c2004f2f2923b3fe902f08
ffa3618e25fb06185f55a1354128b16a1e35490f3e0986cbc494c93566a9d161
ffb8ec69a8e18595f6fd20ded87fe1226c011af3c19039d33e32ebfd391a5bb6

www.mesopinions.com Open in urlscan Pro 2a0a:1580:2000:1c00::16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

197 Requests

98 %HTTPS

58 %IPv6

17 Domains

34 Subdomains

31 IPs

5 Countries

2868 kBTransfer

8480 kBSize

38 Cookies

4 Outgoing links

Page URL History

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mesopinions.com Open in urlscan Pro
2a0a:1580:2000:1c00::16 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

98 %
HTTPS

58 %
IPv6

17
Domains

34
Subdomains

31
IPs

5
Countries

2868 kB
Transfer

8480 kB
Size

38
Cookies

197 HTTP transactions
2 data transactions