give.ccf.org Open in urlscan Pro
2606:4700::6812:7115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW2...
Effective URL:
https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHF...
Submission: On September 21 via api (September 21st 2022, 6:43:32 pm UTC) from US — Scanned from DE

Summary HTTP 229 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 33 domains to perform 229 HTTP transactions. The main IP is 2606:4700::6812:7115, located in United States and belongs to CLOUDFLARENET, US. The main domain is give.ccf.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2022. Valid for: a year.

This is the only time give.ccf.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6812:1f69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	2606:4700::68... 2606:4700::6812:7115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.121.61 13.32.121.61	16509 (AMAZON-02) (AMAZON-02)
22	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
15	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.121.116 13.32.121.116	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
6	3.231.52.38 3.231.52.38	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:929e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:1901:0:a... 2600:1901:0:a5e4::	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:843c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::5f	15169 (GOOGLE) (GOOGLE)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:224... 2600:9000:224a:9a00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4843	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
12	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
1	54.149.23.244 54.149.23.244	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:400c:c0a::5c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
4	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
26	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
229	43

2 2606:4700::6812:1f69 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cxd3d04.na1.hubspotlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700::6812:7115 (United States)

ASN13335 (CLOUDFLARENET, US)

give.ccf.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-61.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-116.fra60.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.231.52.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-52-38.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1901:0:a5e4:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

notify.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:843c (United States)

ASN13335 (CLOUDFLARENET, US)

pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::5f (Brussels, Belgium)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:9a00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4843 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.149.23.244 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-23-244.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400c:c0a::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	stripe.com js.stripe.com — Cisco Umbrella Rank: 972 q.stripe.com — Cisco Umbrella Rank: 6432 m.stripe.com — Cisco Umbrella Rank: 898 r.stripe.com — Cisco Umbrella Rank: 4376	611 KB
34	google.com pay.google.com — Cisco Umbrella Rank: 2890 play.google.com — Cisco Umbrella Rank: 24	790 KB
19	classy.org prod-frs.content.classy.org — Cisco Umbrella Rank: 86451 pay.classy.org — Cisco Umbrella Rank: 123200 assets.classy.org — Cisco Umbrella Rank: 101124	1 MB
16	paypal.com www.paypal.com — Cisco Umbrella Rank: 2582 t.paypal.com — Cisco Umbrella Rank: 3344	211 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	399 KB
15	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	78 KB
15	ccf.org give.ccf.org	57 KB
10	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 738 notify.bugsnag.com — Cisco Umbrella Rank: 1069	203 B
7	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2796 heapanalytics.com — Cisco Umbrella Rank: 2410	47 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 394 www.linkedin.com — Cisco Umbrella Rank: 623 px4.ads.linkedin.com — Cisco Umbrella Rank: 6198	4 KB
4	twitter.com platform.twitter.com — Cisco Umbrella Rank: 714 syndication.twitter.com — Cisco Umbrella Rank: 995 analytics.twitter.com — Cisco Umbrella Rank: 538	134 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	526 B
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2268	33 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	500 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1428 insight.adsrvr.org — Cisco Umbrella Rank: 624	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	111 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1039	18 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 215	1020 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	54 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	123 KB
2	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 15698	75 KB
2	hubspotlinks.com 1 redirects cxd3d04.na1.hubspotlinks.com — Cisco Umbrella Rank: 993724	3 KB
1	t.co t.co — Cisco Umbrella Rank: 489	338 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 769	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 613	15 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 654	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 678	183 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 326	18 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 797	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 32515	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1027	5 KB
0	rackcdn.com Failed 479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com Failed
229	33

	Domain	Requested by
26	play.google.com	www.gstatic.com
24	r.stripe.com	js.stripe.com
22	js.stripe.com	give.ccf.org cxd3d04.na1.hubspotlinks.com js.stripe.com
15	www.google-analytics.com	cxd3d04.na1.hubspotlinks.com www.gstatic.com
15	give.ccf.org	cxd3d04.na1.hubspotlinks.com give.ccf.org
13	prod-frs.content.classy.org	give.ccf.org cxd3d04.na1.hubspotlinks.com prod-frs.content.classy.org
12	www.paypal.com	cxd3d04.na1.hubspotlinks.com www.paypalobjects.com
12	q.stripe.com	cxd3d04.na1.hubspotlinks.com
8	www.gstatic.com	pay.google.com www.gstatic.com
8	pay.google.com	js.stripe.com pay.google.com cxd3d04.na1.hubspotlinks.com www.gstatic.com
8	notify.bugsnag.com	cxd3d04.na1.hubspotlinks.com
7	fonts.gstatic.com	fonts.googleapis.com
6	heapanalytics.com
4	t.paypal.com
4	pay.classy.org	cxd3d04.na1.hubspotlinks.com
3	stats.g.doubleclick.net	cxd3d04.na1.hubspotlinks.com
2	www.paypalobjects.com	cxd3d04.na1.hubspotlinks.com
2	www.facebook.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	cxd3d04.na1.hubspotlinks.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	bam.nr-data.net	cxd3d04.na1.hubspotlinks.com
2	assets.classy.org
2	www.youtube.com	cxd3d04.na1.hubspotlinks.com
2	platform.twitter.com	cxd3d04.na1.hubspotlinks.com
2	www.googletagmanager.com	cxd3d04.na1.hubspotlinks.com
2	sessions.bugsnag.com	cxd3d04.na1.hubspotlinks.com
2	cdn.plaid.com	give.ccf.org cxd3d04.na1.hubspotlinks.com
2	cxd3d04.na1.hubspotlinks.com	1 redirects
1	m.stripe.com	m.stripe.network
1	insight.adsrvr.org	cxd3d04.na1.hubspotlinks.com
1	analytics.twitter.com
1	t.co
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	syndication.twitter.com	platform.twitter.com
1	js.adsrvr.org	cxd3d04.na1.hubspotlinks.com
1	snap.licdn.com	cxd3d04.na1.hubspotlinks.com
1	static.ads-twitter.com	cxd3d04.na1.hubspotlinks.com
1	code.jquery.com	cxd3d04.na1.hubspotlinks.com
1	fonts.googleapis.com	cxd3d04.na1.hubspotlinks.com
1	geolocation.onetrust.com	cxd3d04.na1.hubspotlinks.com
1	js-agent.newrelic.com	cxd3d04.na1.hubspotlinks.com
1	cdn.heapanalytics.com	cxd3d04.na1.hubspotlinks.com
1	unpkg.com	give.ccf.org
1	htp.tokenex.com	give.ccf.org
1	static.cloudflareinsights.com	give.ccf.org
0	479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com Failed	prod-frs.content.classy.org
229	48

This site contains links to these domains. Also see Links.

Domain
www.classy.org

Subject Issuer	Validity	Valid
hubspotlinks.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
give.ccf.org Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-09`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2022-01-12` - `2023-02-13`	a year	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2022-03-08` - `2023-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-08-31` - `2023-01-10`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2022-07-29` - `2023-08-27`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
heapanalytics.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2022-05-08` - `2023-05-08`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-06` - `2022-12-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-01` - `2022-09-29`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh

This page contains 13 frames:

Primary Page: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email
Frame ID: A5FCD5B77BEAEFC4EFDE1307512AD2AA
Requests: 112 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-c235b297e0ebb82ed3cdd25a46321ffb.html
Frame ID: 8ACBFD5E81CF16318FCFEA7B98F069E1
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fgive.ccf.org
Frame ID: EC18BF0C9AC6E708B397509599D1049A
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 6D2EEB167E16BB090349A1BB5AD459BE
Requests: 4 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=yj83vjt&ref=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout&upid=4l0ngrj&upv=1.1.0
Frame ID: 607CB160573B2E0843B9A7EB6EB00793
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-4e33baadc1fe6b4b4459112809c6eec5.html
Frame ID: 47EE5A19FD6CEADCC3F77965B281DF94
Requests: 31 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html
Frame ID: 37FBF9B00EC68A41458856DDBF3334E6
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-0fec4bd32fd77109809a26877d1c12f1.html
Frame ID: A4EDAAC0A91DAAC14E8EBAC72C4DD356
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html
Frame ID: 82F94593BB5A4C37AE01D85359312BD8
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-0fec4bd32fd77109809a26877d1c12f1.html
Frame ID: C11182315C1FF9C2CD4ED0BA3B9A1F13
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: D17A4E9683BD59E0D772D131835FD94C
Requests: 15 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 5D07139938B3ADFC1706099FC3560744
Requests: 15 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 42BB5441D71558858C376D3DAAC1C2AB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to Cleveland Clinic INbox

Page URL History Show full URLs

https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7... Page URL
https://cxd3d04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6... HTTP 307
https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2AN... Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

229
Requests

99 %
HTTPS

56 %
IPv6

33
Domains

48
Subdomains

43
IPs

6
Countries

4282 kB
Transfer

14504 kB
Size

46
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.classy.org/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/cookies/
Title: Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/copyright/
Title: DMCA Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1 Page URL
https://cxd3d04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1?_ud=0a126e0a-9b85-4ce7-89a7-d97c77472e35&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=312650&time=1663785805351&url=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D312650%26time%3D1663785805351%26url%3Dhttps%253A%252F%252Fgive.ccf.org%252Fgive%252F219429%252F%253Futm_campaign%253DeNews%2526utm_medium%253Demail%2526_hsmi%253D226799727%2526_hsenc%253Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%2526utm_content%253D226799727%2526utm_source%253Dhs_email%2523%2521%252Fdonation%252Fcheckout%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=312650&time=1663785805351&url=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23%21%2Fdonation%2Fcheckout&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=312650&time=1663785805351&url=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23%21%2Fdonation%2Fcheckout&liSync=true&e_ipv6=AQLGXL-SJatURAAAAYNhXKj9FocGmejnWWVDhBcuGk0hWwwIoaZFJfgruvDmc52wKkZk-7NbkA

229 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b...
cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/ 9 KB
3 KB 587ms
476ms Document
text/html 2606:4700::6812:1f69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 74e4f22baf5dcc56-ZRH
content-encoding: br
content-type: text/html;charset=utf-8
date: Wed, 21 Sep 2022 18:43:21 GMT
referrer-policy: no-referrer
server: cloudflare
vary: Accept-Encoding
x-hubspot-correlation-id: 1e8339e1-d157-499c-b891-0d09bd2e38fb
x-robots-tag: none

GET
H2

200

Primary Request / Show response
give.ccf.org/give/219429/
Redirect Chain

https://cxd3d04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S...
https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm...

90 KB
25 KB

1544ms
1051ms

Document
text/html

2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email

Requested by

Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56781c1f2fd72255c58e1a3fff00cdfcb074cafb70ebd40a40f1a748fd687ed1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 74e4f23348b2cc56-ZRH
content-encoding: br
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Wed, 21 Sep 2022 18:43:23 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 74e4f22ecae1cc56-ZRH
date: Wed, 21 Sep 2022 18:43:22 GMT
link: <https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email#!/donation/checkout>; rel="canonical"
location: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email#!/donation/checkout
referrer-policy: no-referrer
server: cloudflare
x-hubspot-correlation-id: e11ea28f-29cc-4970-9cd7-f16c46a522a6
x-robots-tag: none

GET
H2 200 main.css
prod-frs.content.classy.org/prod/16932/static/frs/ 1 MB
139 KB 137ms
69ms Stylesheet
text/css 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16932/static/frs/main.css

Requested by

Host: give.ccf.org
URL: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

428a29a9745759e9e8d13582ba6677b91f26256db0334ad4585fd4573e42512a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 44824
cf-polished: origSize=1099776
x-amz-request-id: F8J0K80ANYCGP3J5
x-amz-id-2: 7u3fNGYM7n45RBaa2TWyVGkNoyVBnOcj6Mc7ApeiTMPX7uM/QPce0Kni3LDzzlEDeQ/Qv8xZyjA=
last-modified: Wed, 31 Aug 2022 16:57:29 GMT
server: cloudflare
etag: W/"76991c07f7c922f23796f912084614a2"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=86400
cf-ray: 74e4f23a996e2355-ZRH
cf-bgj: minify

GET
H2 200 rocket-loader.min.js Show response
give.ccf.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 31ms
30ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.ccf.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Sep 2022 14:16:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6329cb53-302c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800, public
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 74e4f23a3abfcc56-ZRH
expires: Fri, 23 Sep 2022 18:43:23 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 117ms
67ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: give.ccf.org
URL: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://give.ccf.org/
Origin: https://give.ccf.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:23 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 74e4f23a886dcc46-ZRH

GET
H2 200 onetrustConsent-1539020710655.js Show response
prod-frs.content.classy.org/prod/16932/static/onetrust/ 50 KB
12 KB 62ms
60ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16932/static/onetrust/onetrustConsent-1539020710655.js

Requested by

Host: give.ccf.org
URL: https://give.ccf.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 44824
cf-polished: origSize=54583
x-amz-request-id: RRWK2QJ0J86D3H44
x-amz-id-2: 5r2ii1OLntMjJsNCoIbnYMrdzCT9PfZUhw2VDxXzDlG+Eot7A6jFe0oAUsUuIw4r+5pROHFeYEk=
last-modified: Wed, 31 Aug 2022 16:57:29 GMT
server: cloudflare
etag: W/"64c3a4446a1c238c4df7f2db78163772"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 74e4f23b7af92355-ZRH
cf-bgj: minify

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 17 KB
5 KB 550ms
136ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: give.ccf.org
URL: https://give.ccf.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9e6ee5d369e4fea8821fd34d180c466fbf6bb9ca6a91f1488edc024bd6a2c4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 15:24:25 GMT
etag: "809a25bf4c2d81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
date: Wed, 21 Sep 2022 18:43:24 GMT
accept-ranges: bytes
content-length: 4497
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 87ms
39ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: give.ccf.org
URL: https://give.ccf.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1014992
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
fly-request-id: 01FF6H925DYEB8ZPR9RDNX28BP
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74e4f23bccaccc56-ZRH

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/16932/static/frs/donation/ 179 KB
36 KB 70ms
69ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16932/static/frs/donation/module.min.js

Requested by

Host: give.ccf.org
URL: https://give.ccf.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8863ad9c5cbf8db7c1d89afaf49669fe19d1e90ec2228d0d2bdf8229cb9e00bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 16:57:29 GMT
server: cloudflare
age: 42394
etag: W/"de4eeda8754eb3ed5a41003aa48aa05d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 74e4f23b7afc2355-ZRH
x-amz-request-id: RRWMSYNYG41MVY19
x-amz-id-2: +m6n6H01xf2sLBay2wzcDjCiaIoGEObiaj47gVcK9CjEBnLf8BDvWrUVp7rng4M4ZrhDN1Tfx4A=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/16932/static/global/ 2 MB
365 KB 74ms
73ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16932/static/global/module.min.js

Requested by

Host: give.ccf.org
URL: https://give.ccf.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3737153a44af2553ac8431740f495757de80b963891092e626148b146255bbda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 16:57:29 GMT
server: cloudflare
age: 44824
etag: W/"0d94a5c55ce1c995781e1c801a6f7e27"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 74e4f23b7afd2355-ZRH
x-amz-request-id: RRWVHEFBNCFWB10Y
x-amz-id-2: goB0wGhv1lMTHnwLjgwONR7ILCNp/sCHy36J+dMnP83ust6RRGfdHOzvxqGhS3oU14SokTZhacs=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/16932/static/global/ 1 MB
430 KB 72ms
70ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16932/static/global/libs.min.js

Requested by

Host: give.ccf.org
URL: https://give.ccf.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 16:57:29 GMT
server: cloudflare
age: 44824
etag: W/"772e1301b871cc2545926cb86ee5965f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 74e4f23b7afe2355-ZRH
x-amz-request-id: RRWSKG7F816QKJ0M
x-amz-id-2: t3m/ph9u5FxbDNoTjMLyLnxds2uTWb55cD3kteJYGdHDbNU7shLLVf6dHOo+fn/Y8HN6tfQPFwk=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 95 KB
32 KB 156ms
52ms Script
application/javascript 13.32.121.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: give.ccf.org
URL: https://give.ccf.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3049a22d4579362f2b14a5c59b2e07122f33aaffee53ee5b576bf294536e6f1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 19:54:34 GMT
content-encoding: gzip
age: 82131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-request-id: 8QNM1P5ZA398GBJY
x-amz-id-2: wGfORNE9LuEEkVJyTtrzyci44YXE6nzH0KofdLTL2vK3VpdHbrZA7XdYc2lgADRmsCTWdxDDjxw=
last-modified: Tue, 20 Sep 2022 18:53:06 GMT
server: AmazonS3
etag: W/"879d8779c152eddc2f08050e75ef4340"
vary: Accept-Encoding
x-amz-version-id: i35fqehR23efAvA0xLqCrRpNziKv8lJP
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-pop: FRA60-P1
content-type: application/javascript
x-amz-cf-id: l_BE3Un46bnqTTKk0MUKlQppjfTWagq5M52jpgVGnbTJtceCKS2T9A==

GET
H2 200 / Show response
js.stripe.com/v3/ 344 KB
83 KB 212ms
64ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: give.ccf.org
URL: https://give.ccf.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8c7292850485562720d66ca342db38c7bed1ece0c7c32601c26337eab268518b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 12
x-cache: HIT
content-length: 84947
etag: "40e3015e25960f89049ce8b3cb21854d"
x-request-id: e9361fcd-a86d-47db-9374-51c006702a61
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Wed, 21 Sep 2022 18:41:38 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:24 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 84ms
26ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 5246
date: Wed, 21 Sep 2022 17:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Wed, 21 Sep 2022 19:15:58 GMT

GET
H2 200 heap-1566116007.js Show response
cdn.heapanalytics.com/js/ 118 KB
46 KB 127ms
31ms Script
application/javascript 13.32.121.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1566116007.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-116.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

01b8dae7b9ed72d6d5d1f74f6e34f4ec98ab9aa1e8be13eb4fb97062e01b3aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:42:45 GMT
content-encoding: gzip
server: nginx
age: 38
etag: W/"1d6c6-i5lUzJGRrx2Bcxt6fT2vsQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA60-P1
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -sNWPxRhqK72HwSjOurl6l1Y0v8ZNkWQlAZTKCX1JB887T6e3vAIlA==

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
139 B 160ms
159ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer: https://give.ccf.org/
Bugsnag-Sent-At: 2022-09-21T18:43:24.352Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 21 Sep 2022 18:43:24 GMT
via: 1.1 google
bugsnag-session-uuid: bbcc618e-decc-495b-af41-2c647a2d811e
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 234ms
162ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://give.ccf.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 21 Sep 2022 18:43:24 GMT
via: 1.1 google

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 793 KB
48 KB 286ms
221ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGKK4PM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

797ad32ddcf4bcc45d1dcbbdd66f5a380fcc8476eb3ea7ec64932f075a11ff43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48849
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Sep 2022 18:43:24 GMT

GET
H2 200 sdk.js Show response
give.ccf.org/sso/ 21 KB
6 KB 584ms
584ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.ccf.org/sso/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

aced4f41e502cecbe2954a7b643c073d5a8070d00dd4bc17fa9d48527aa101a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 21 Sep 2022 18:43:24 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 74e4f23d4ea5cc56-ZRH
expires: Wed, 21 Sep 2022 19:03:24 GMT

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1388/ 0
43 KB 22ms
22ms Other
application/javascript 13.32.121.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1388/link-dynamic-loader.js
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 19:54:34 GMT
content-encoding: gzip
age: 82131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 18:53:06 GMT
server: AmazonS3
etag: W/"235ef2908bd4c2e15762c5ed3f5d5a6a"
vary: Accept-Encoding
x-amz-version-id: 9ORTw7.E_VMQ3eTRwoVJvlRvvK3iJ5ZJ
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: FRA60-P1
content-type: application/javascript
x-amz-cf-id: YkfChbJ3qveui4FpnT7NY3w8gxf0SK2NqU75-YddIN0ywU-iXouUVw==

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 327ms
106ms Image
image/gif 3.231.52.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7715769940160059&v=3307760297932530&s=2597044550277188&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout&h=%2Fgive%2F219429%2F&q=%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&d=give.ccf.org&t=Cleveland%20Clinic%20INbox&us=hs_email&um=email&uc=226799727&ua=eNews&ts=1663785804374&st=1663785804376

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.52.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-52-38.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 18:43:24 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 m-outer-c235b297e0ebb82ed3cdd25a46321ffb.html Show response
js.stripe.com/v3/ Frame 8ACB 186 B
772 B 64ms
63ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-c235b297e0ebb82ed3cdd25a46321ffb.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1cdb550801da5630adfdbf6ec4a4aee2fe432116e0007fadadb9b3bafd9b9256

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.ccf.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2069
cache-control: max-age=31536000
content-encoding: br
content-length: 114
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 21 Sep 2022 18:43:24 GMT
etag: "c235b297e0ebb82ed3cdd25a46321ffb"
last-modified: Wed, 21 Sep 2022 18:08:33 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 338
x-content-type-options: nosniff
x-request-id: 180a87ae-0c91-44ac-833a-da6862d08e1d
x-served-by: cache-hhn4025-HHN

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
18 KB 61ms
18ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id: SBYDAGRMX6GE5GJM
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: uqZQv+e4j632xQQzSCorBAdBXNiZ65j+F9QIEx55NiLaq394pui+FVqcwX6N+mn7vslXAvWAMOQ=
x-served-by: cache-hhn4074-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1663785805.673765,VS0,VE0
date: Wed, 21 Sep 2022 18:43:24 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7621

GET
H2 200 optanon.css
prod-frs.content.classy.org/prod/16932/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ 22 KB
6 KB 53ms
53ms Stylesheet
text/css 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16932/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 44822
cf-polished: origSize=22581
x-amz-request-id: SC5WG1ZMC82MG74P
x-amz-id-2: AuR9HVpz3a21T8bGyapD+eIdU2Thx3/wp0xIClpBL+3GIHBtm4oUM8dtSEybCBCm7Bl4V2WGMg4=
last-modified: Wed, 31 Aug 2022 16:57:29 GMT
server: cloudflare
etag: W/"5ec3a032a0370bd8e3f63adf430b4617"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=86400
cf-ray: 74e4f23ef9d02355-ZRH
cf-bgj: minify

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
183 B 183ms
78ms Script
text/javascript 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery321013967597494202022_1663785804225&_=1663785804226

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:24 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e4f23fad6201fc-ZRH
content-length: 32
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript

OPTIONS
H2 200 /
notify.bugsnag.com/ Frame 0
0 245ms
167ms Preflight 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://give.ccf.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 21 Sep 2022 18:43:25 GMT
via: 1.1 google

OPTIONS
H2 200 /
notify.bugsnag.com/ Frame 0
0 242ms
167ms Preflight 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://give.ccf.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 21 Sep 2022 18:43:25 GMT
via: 1.1 google

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 173ms
25ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B89) /
Resource Hash: 8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 21 Sep 2022 18:43:24 GMT
Content-Encoding: gzip
Age: 1001
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29220
x-tw-cdn: VZ
Last-Modified: Wed, 31 Aug 2022 20:41:50 GMT
Server: ECS (amb/6B89)
Etag: "f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 131ms
64ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b003c62f1cf4122a3d475619abe0ae2d289f4ea46542e5e9a342eff7e206b12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 21 Sep 2022 18:43:24 GMT

GET
H2 200 tax-entities Show response
give.ccf.org/frs-api/organizations/54819/ 397 B
306 B 550ms
550ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.ccf.org/frs-api/organizations/54819/tax-entities

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8755ab3ff440e9c675d63c161a7fdc59680cb5b9cc95fe118130b1d33f58304b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: QQ4A6YWc-EbpcoC2o-6s1kJRdQKrkaLdQ0Kg
tracestate: 423787@nr=0-1-423787-363751183-f72ad6422a5e081d----1663785804813
traceparent: 00-e81743684d7c5085c8067831fd9093a2-f72ad6422a5e081d-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmNzJhZDY0MjJhNWUwODFkIiwidHIiOiJlODE3NDM2ODRkN2M1MDg1YzgwNjc4MzFmZDkwOTNhMiIsInRpIjoxNjYzNzg1ODA0ODEzfX0=
Accept: application/json, text/plain, */*
csrf-token: QQ4A6YWc-EbpcoC2o-6s1kJRdQKrkaLdQ0Kg
Referer: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"18d-XVYYBdOBh2ueoN3Rmh2TNKatthY"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 74e4f2402b3acc56-ZRH
vary: Accept-Encoding

GET
H2 200 market-data Show response
give.ccf.org/frs-api/crypto-giving/BTC/USD/ 35 B
146 B 230ms
230ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.ccf.org/frs-api/crypto-giving/BTC/USD/market-data

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6414c8fd07babfdae2e45946828eba26372f5583d05f14ff6a5cc9213ca34b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: QQ4A6YWc-EbpcoC2o-6s1kJRdQKrkaLdQ0Kg
tracestate: 423787@nr=0-1-423787-363751183-26f7d8052702f673----1663785804848
traceparent: 00-d79f7b87a858a503bd0c18bcf7274ee6-26f7d8052702f673-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyNmY3ZDgwNTI3MDJmNjczIiwidHIiOiJkNzlmN2I4N2E4NThhNTAzYmQwYzE4YmNmNzI3NGVlNiIsInRpIjoxNjYzNzg1ODA0ODQ4fX0=
Accept: application/json, text/plain, */*
csrf-token: QQ4A6YWc-EbpcoC2o-6s1kJRdQKrkaLdQ0Kg
Referer: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"23-e6hZIWDGx6CSnu45fpX0XTTlJWY"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cf-ray: 74e4f2406bbbcc56-ZRH
vary: Accept-Encoding
content-length: 35

GET
H2 200 ach-account-routing Show response
give.ccf.org/frs-api/organizations/54819/ 33 B
167 B 549ms
548ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.ccf.org/frs-api/organizations/54819/ach-account-routing

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: QQ4A6YWc-EbpcoC2o-6s1kJRdQKrkaLdQ0Kg
tracestate: 423787@nr=0-1-423787-363751183-c2679620cc680c3c----1663785804849
traceparent: 00-fce36e359b1306507f01e84935ff96b3-c2679620cc680c3c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjMjY3OTYyMGNjNjgwYzNjIiwidHIiOiJmY2UzNmUzNTliMTMwNjUwN2YwMWU4NDkzNWZmOTZiMyIsInRpIjoxNjYzNzg1ODA0ODQ5fX0=
Accept: application/json, text/plain, */*
csrf-token: QQ4A6YWc-EbpcoC2o-6s1kJRdQKrkaLdQ0Kg
Referer: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 74e4f2406bc1cc56-ZRH
vary: Accept-Encoding
content-length: 33

GET
H2 200 paypal Show response
pay.classy.org/token/ 124 B
494 B 551ms
484ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/paypal?applicationId=9274&currency=USD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f86554ba5b50351575019a77a75b2646e071b7bee98b44348097fe6947cd3d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.ccf.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
via: 1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
x-classypay-requestid: ba3ddebc-2b9a-45dc-9700-fe78418b88f5
content-encoding: br
vary: Accept-Encoding
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 74e4f240eccb23af-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: F4rQmVhkyL-KZebuHt0xtjE8yFiGCgNVCFbdftIo_5wVfF8FIO8ERA==

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
731 B 531ms
465ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=9274&currency=USD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.ccf.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
via: 1.1 d46464e02ca4f5540906664a2cfbcce2.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
x-classypay-requestid: 3f05b84e-f6ad-45c3-acd3-a8c493ac7881
content-encoding: br
vary: Accept-Encoding
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 74e4f240ecd123af-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: nMGl1qrAyx6foWM0UYCfflWQ4K30PqxH4_yHeLmswkwxBUVJwL_RmA==

POST
H3 200 / Show response
notify.bugsnag.com/ 2 B
16 B 239ms
173ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4.0
Referer: https://give.ccf.org/
Bugsnag-Sent-At: 2022-09-21T18:43:24.897Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 21 Sep 2022 18:43:25 GMT
via: 1.1 google
bugsnag-event-id: 632b5b4d00971ad9db5b0000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8

POST
H3 200 / Show response
notify.bugsnag.com/ 2 B
16 B 238ms
172ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4.0
Referer: https://give.ccf.org/
Bugsnag-Sent-At: 2022-09-21T18:43:24.900Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 21 Sep 2022 18:43:25 GMT
via: 1.1 google
bugsnag-event-id: 632b5b4d00973e748d0c0000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 designations Show response
give.ccf.org/frs-api/campaigns/219429/ 1 KB
588 B 572ms
572ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.ccf.org/frs-api/campaigns/219429/designations?filter=id%3D67503

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da0cbcbf8277d69d7cf22fdd8ad6448182897b7455191b8c5870610ff33cc0d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: QQ4A6YWc-EbpcoC2o-6s1kJRdQKrkaLdQ0Kg
tracestate: 423787@nr=0-1-423787-363751183-78e4aaf30795ae94----1663785804912
traceparent: 00-45211bb3c846785fe2fe48bc59506571-78e4aaf30795ae94-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3OGU0YWFmMzA3OTVhZTk0IiwidHIiOiI0NTIxMWJiM2M4NDY3ODVmZTJmZTQ4YmM1OTUwNjU3MSIsInRpIjoxNjYzNzg1ODA0OTEyfX0=
Accept: application/json, text/plain, */*
csrf-token: QQ4A6YWc-EbpcoC2o-6s1kJRdQKrkaLdQ0Kg
Referer: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"423-CDjLlIPfJb7E8DncdePsPyuyDQ0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 74e4f240cc98cc56-ZRH
vary: Accept-Encoding

GET
H2 200 designations Show response
give.ccf.org/frs-api/campaign/219429/ 50 KB
4 KB 676ms
675ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.ccf.org/frs-api/campaign/219429/designations?per_page=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea44d33f930c6023c426e70ad66b86b9d6615d91905f1047c866b028b5568f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: QQ4A6YWc-EbpcoC2o-6s1kJRdQKrkaLdQ0Kg
tracestate: 423787@nr=0-1-423787-363751183-53dc801648507cb3----1663785804913
traceparent: 00-e8d849d1bbc2d5b64f6466f0be93ded6-53dc801648507cb3-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1M2RjODAxNjQ4NTA3Y2IzIiwidHIiOiJlOGQ4NDlkMWJiYzJkNWI2NGY2NDY2ZjBiZTkzZGVkNiIsInRpIjoxNjYzNzg1ODA0OTEzfX0=
Accept: application/json, text/plain, */*
csrf-token: QQ4A6YWc-EbpcoC2o-6s1kJRdQKrkaLdQ0Kg
Referer: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"c940-TGPgw2vtzkB7tH0GVV7Uvpb4ddM"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 74e4f240cc9dcc56-ZRH
vary: Accept-Encoding

GET
H2 200 designations Show response
give.ccf.org/frs-api/campaigns/219429/ 1 KB
599 B 550ms
550ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.ccf.org/frs-api/campaigns/219429/designations?filter=id%3D67503

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da0cbcbf8277d69d7cf22fdd8ad6448182897b7455191b8c5870610ff33cc0d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: QQ4A6YWc-EbpcoC2o-6s1kJRdQKrkaLdQ0Kg
tracestate: 423787@nr=0-1-423787-363751183-4eec50ea7425f216----1663785804914
traceparent: 00-2d71deab96d8199db1daa5f9d4c9e85f-4eec50ea7425f216-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0ZWVjNTBlYTc0MjVmMjE2IiwidHIiOiIyZDcxZGVhYjk2ZDgxOTlkYjFkYWE1ZjlkNGM5ZTg1ZiIsInRpIjoxNjYzNzg1ODA0OTE0fX0=
Accept: application/json, text/plain, */*
csrf-token: QQ4A6YWc-EbpcoC2o-6s1kJRdQKrkaLdQ0Kg
Referer: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"423-CDjLlIPfJb7E8DncdePsPyuyDQ0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 74e4f240cc9fcc56-ZRH
vary: Accept-Encoding

GET
H2 200 currency-conversions Show response
give.ccf.org/frs-api/i18n/ 75 B
315 B 510ms
509ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.ccf.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df4899153fc2d27302e87a8b3f2166596a1c4e16f12123d6759f47958dfc483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: QQ4A6YWc-EbpcoC2o-6s1kJRdQKrkaLdQ0Kg
tracestate: 423787@nr=0-1-423787-363751183-bfa0d7eaac07a742----1663785804962
traceparent: 00-9b91ad3a5a1331474ab51403edbcbc29-bfa0d7eaac07a742-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiZmEwZDdlYWFjMDdhNzQyIiwidHIiOiI5YjkxYWQzYTVhMTMzMTQ3NGFiNTE0MDNlZGJjYmMyOSIsInRpIjoxNjYzNzg1ODA0OTYyfX0=
Accept: application/json, text/plain, */*
csrf-token: QQ4A6YWc-EbpcoC2o-6s1kJRdQKrkaLdQ0Kg
Referer: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"4b-4IItqQVGgUxoOPWwrt+FfL6HK3M"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 74e4f2411d26cc56-ZRH
vary: Accept-Encoding

GET
H2 200 user-icon.png
give.ccf.org/static/global/images/ 4 KB
5 KB 503ms
501ms Image
image/png 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.ccf.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Aug 2022 16:53:28 GMT
server: cloudflare
etag: "630f9208-11ec"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
cf-ray: 74e4f2412d2acc56-ZRH
content-length: 4588
expires: Thu, 21 Sep 2023 18:43:25 GMT

GET
H2 200 d1c92596-b78e-11e8-9328-0ee6a6c83970.png
assets.classy.org/7270268/ 176 KB
177 KB 801ms
783ms Image
image/png 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/7270268/d1c92596-b78e-11e8-9328-0ee6a6c83970.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc64e9a3d3a9304bb1e056b336fb74ce69c6ea34adaefda24bced6e7886053db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f748.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: ZRH50-C1
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=.qM0vl8JJygy9n7epzbWWYVKiLdJ7VetGaWMnF6CUkc-1663785805-0-AbdE59ldtBaTv8MLYIgf-vNTJr97nvVN_FXl4_Pjw8n6CHjdGLG8UchUhaXTo2Fl0mYFIlpjK1aae2eRZr0c1znLQslHAQHayL4p5y6crutz; report-to cf-csp-endpoint
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 180242
cf-ray: 74e4f2413dca2355-ZRH
last-modified: Thu, 13 Sep 2018 19:54:22 GMT
server: cloudflare
etag: "a43eda464a272932e11eac19cece2571"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=.qM0vl8JJygy9n7epzbWWYVKiLdJ7VetGaWMnF6CUkc-1663785805-0-AbdE59ldtBaTv8MLYIgf-vNTJr97nvVN_FXl4_Pjw8n6CHjdGLG8UchUhaXTo2Fl0mYFIlpjK1aae2eRZr0c1znLQslHAQHayL4p5y6crutz"}],"group":"cf-csp-endpoint","max_age":86400}
x-amz-version-id: Ll0do66Slz5hlibe3xaTKBdxgK18dYV7
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: _UlI409L1DtgM_4i25f4iKFJ76krUKj694uMmK2Kt1_GMk4udPbGDg==

GET
H2 200 crypto-giving-coin-bitcoin.svg
prod-frs.content.classy.org/prod/16932/static/global/images/crypto-giving/ 1 KB
917 B 51ms
50ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/16932/static/global/images/crypto-giving/crypto-giving-coin-bitcoin.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 16:57:29 GMT
server: cloudflare
age: 28068
etag: W/"2861fb7a07b041686ba6360cf7908e28"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 74e4f2412da32355-ZRH
x-amz-request-id: 49A777F28XPDQKD1
x-amz-id-2: zQHQjvlRMI9eXzOKrq9tyFW57IsPq6gmrAmbv54jcv4yvnLHV9CwuGpvMuPOQ0MMx9HaQ2b5hjg=

GET
H2 200 crypto-giving-coin-ethereum.svg
prod-frs.content.classy.org/prod/16932/static/global/images/crypto-giving/ 545 B
445 B 46ms
45ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/16932/static/global/images/crypto-giving/crypto-giving-coin-ethereum.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 16:57:29 GMT
server: cloudflare
age: 28067
etag: W/"c8896ba26efa2a5d9aa1659b4aef1f00"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 74e4f2412da62355-ZRH
x-amz-request-id: 49A9DDW6AHZ8F9G2
x-amz-id-2: L9A7SnB95DJm9jz7yKA+f55pMlSLtpOQgUG7ocViuJ80pOcxS82/Dsdfu96bWwhKzaHdYv2ADHI=

GET
H2 200 crypto-giving-coin-usdc.svg
prod-frs.content.classy.org/prod/16932/static/global/images/crypto-giving/ 2 KB
1 KB 84ms
83ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/16932/static/global/images/crypto-giving/crypto-giving-coin-usdc.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 16:57:29 GMT
server: cloudflare
age: 28068
etag: W/"120e9a5c0d8ae8e313213cbb2284cafe"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 74e4f2412da82355-ZRH
x-amz-request-id: 49A5QH22DK7GQASM
x-amz-id-2: h0qsQRSnmOvIG2m/EYJUei3oQOEec2PFrVaHpe5H9XkMiHoJC1BUsPpIvE/I6mNbSBxlrsN34h8=

GET
H2 200 crypto-giving-arrows.svg
prod-frs.content.classy.org/prod/16932/static/global/images/crypto-giving/ 453 B
446 B 49ms
48ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/16932/static/global/images/crypto-giving/crypto-giving-arrows.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 16:57:29 GMT
server: cloudflare
age: 28068
etag: W/"332ba480e7dc5a9687ededc7c4333e80"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 74e4f2412da92355-ZRH
x-amz-request-id: 49AEM42X66FTQJJ5
x-amz-id-2: mGoo9qyI6IteHdhkMsYRJMtzmm8Takw2LBIKeBBncMIAI88To7hfVAytF0RBQuBgUeMRhoJaN1s=

GET
H2 200 d02a5cee-d3ab-11e8-9ece-0a249f1a0c1e.jpg
assets.classy.org/7270276/ 172 KB
173 KB 765ms
749ms Image
image/jpeg 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/7270276/d02a5cee-d3ab-11e8-9ece-0a249f1a0c1e.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97234286f012c57406e2d041b79351996bb5972ef1e6e4a3dce1e1a0bcb1877e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
via: 1.1 110750d14d1d900cd5c76d0ac872f5dc.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: ZRH50-C1
cf-ray: 74e4f2413dcc2355-ZRH
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 176569
last-modified: Fri, 19 Oct 2018 14:32:33 GMT
server: cloudflare
etag: "34479fff53eeb1ad1e4959a5f21de6f4"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: oddkxjqeXd.WedfL27RnJcBb7lqolWWZ
cache-control: public,max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: CsAzDiZxNJn591SwaU8zS9aFBMUEosBMZSfJCreO8xI2CInx8REcGQ==

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/16932/static/global/images/ 394 B
710 B 105ms
105ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/16932/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/16932/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/16932/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Accept
cf-cache-status: HIT
age: 79955
cf-polished: origFmt=png, origSize=547
cf-ray: 74e4f2412db42355-ZRH
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: tqzx7rBVdtOP5iIwUrNRJ2UMswrnY/6rKEZOwRS6zQ8c5YZgtz2OV+wG37adxfy+kxsyMGJGX7g=
last-modified: Wed, 31 Aug 2022 16:57:29 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: E355FH7Y8F3XS3JE
cache-control: max-age=86400
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/16932/static/global/fonts/ 42 KB
43 KB 666ms
612ms Font
application/x-font-woff 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16932/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/16932/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c0c0d8f0a179dc69eda6aac7879904c94bab835a28de393cc6f10fd34e21e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/16932/static/frs/main.css
Origin: https://give.ccf.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: JGB9X92X8PHKRSPA
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 43184
x-amz-id-2: 8wbfWeuUvaSMrfTkAFSSAv6eZU5WJGveR1BZNBZtlyqk+bHgUrlhXJp9lwSpJylcggMQg1MBkZw=
last-modified: Wed, 31 Aug 2022 16:57:29 GMT
server: cloudflare
etag: "88c1b8420ad181bb1fa5ccbd31b6b3af"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 74e4f2418c8601eb-ZRH

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/16932/static/fonts/ 65 KB
66 KB 755ms
701ms Font
binary/octet-stream 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/16932/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/16932/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/16932/static/frs/main.css
Origin: https://give.ccf.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: JGBFAXRQ6YHV2YWQ
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 66624
x-amz-id-2: 5n7dPmOPr7PcHcLsajN+fhUCM+6RJpa5dYioLhp6IDaXRNLP3XWV5TYxc0ZfYp14Vtuk5Ql6ag4=
last-modified: Wed, 31 Aug 2022 16:57:29 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 74e4f2418c8801eb-ZRH

POST
H2 200 rum Show response
give.ccf.org/cdn-cgi/ 0
211 B 29ms
29ms XHR
text/plain 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.ccf.org/cdn-cgi/rum?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-2201124b18b70a22----1663785805002
traceparent: 00-23cb9799918ef496239dae1cf68047ac-2201124b18b70a22-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyMjAxMTI0YjE4YjcwYTIyIiwidHIiOiIyM2NiOTc5OTkxOGVmNDk2MjM5ZGFlMWNmNjgwNDdhYyIsInRpIjoxNjYzNzg1ODA1MDAyfX0=
content-type: application/json
Referer: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://give.ccf.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 74e4f2415d6ecc56-ZRH
vary: Origin

POST
H2 200 csp-report
q.stripe.com/ Frame 8ACB 0
570 B 545ms
178ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8ACB 0
570 B 545ms
178ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 94ms
32ms Stylesheet
text/css 2a00:1450:400c:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

923b98f388a1ed517388a42b1e51c727eb88f8aabd41146f10bbfdd150925d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 18:43:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 21 Sep 2022 18:43:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Sep 2022 18:43:25 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 60ms
23ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1247095346&t=event&_s=1&dl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Donate%20to%20Cleveland%20Clinic%20INbox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=KGDACEABBAAAAC~&jid=1878100970&gjid=2019228975&cid=1337448289.1663785804&tid=UA-3837893-1&_gid=482322710.1663785804&_r=1&_slc=1&z=198774724

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.ccf.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.ccf.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 58ms
24ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1247095346&t=event&_s=1&dl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Donate%20to%20Cleveland%20Clinic%20INbox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=frs&ea=checkout&el=Begin%20Checkout&_u=KGDACEABBAAAAC~&jid=1459916894&gjid=1599090134&cid=1337448289.1663785804&tid=UA-718476-2&_gid=482322710.1663785804&_r=1&_slc=1&z=1030923016

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.ccf.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.ccf.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
474 B 446ms
446ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=9274&currency=EUR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a853ca446c11f06d516181055253b1d79b0db168f57a1ee88d093d132c1e3802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.ccf.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
via: 1.1 8f4bc83dd77c2931f6260310f57dde66.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
x-classypay-requestid: 09486317-472c-4c0a-819b-c667417d84ff
content-encoding: br
vary: Accept-Encoding
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 74e4f2418e0623af-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: 4eZ2J5n1fFQmrtADnO1HQPS7ZuuFp739rk397MK502hNDrQ5L9wawQ==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
18ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1247095346&t=timing&_s=2&dl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Donate%20to%20Cleveland%20Clinic%20INbox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20latency&utv=fresh&utl=1663785804680&utt=683&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1337448289.1663785804&tid=UA-3837893-1&_gid=482322710.1663785804&cd1=54819&cd2=Classy%20Pay&cd3=1&cd4=donation&cd5=219429&cd6=campaign&cd11=recurring%20optimization&z=961587168

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 07:22:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40833
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
18ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1247095346&t=timing&_s=3&dl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Donate%20to%20Cleveland%20Clinic%20INbox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1663785804680&utt=1733&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1337448289.1663785804&tid=UA-3837893-1&_gid=482322710.1663785804&cd1=54819&cd2=Classy%20Pay&cd3=1&cd4=donation&cd5=219429&cd6=campaign&cd11=recurring%20optimization&z=2097010570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 07:22:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40833
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
15ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1247095346&t=timing&_s=4&dl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Donate%20to%20Cleveland%20Clinic%20INbox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1663785804680&utt=1834&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1337448289.1663785804&tid=UA-3837893-1&_gid=482322710.1663785804&cd1=54819&cd2=Classy%20Pay&cd3=1&cd4=donation&cd5=219429&cd6=campaign&cd11=recurring%20optimization&z=1724697563

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 07:22:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40833
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
16ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1247095346&t=timing&_s=5&dl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Donate%20to%20Cleveland%20Clinic%20INbox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1663785804680&utt=2051&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1337448289.1663785804&tid=UA-3837893-1&_gid=482322710.1663785804&cd1=54819&cd2=Classy%20Pay&cd3=1&cd4=donation&cd5=219429&cd6=campaign&cd11=recurring%20optimization&z=2039400829

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 07:22:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40833
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
17ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1247095346&t=timing&_s=6&dl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Donate%20to%20Cleveland%20Clinic%20INbox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1663785804680&utt=2996&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1337448289.1663785804&tid=UA-3837893-1&_gid=482322710.1663785804&cd1=54819&cd2=Classy%20Pay&cd3=1&cd4=donation&cd5=219429&cd6=campaign&cd11=recurring%20optimization&z=1490321347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 07:22:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40833
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
258 B 114ms
114ms Image
image/gif 3.231.52.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1663785805060&hv=4.18.4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.52.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-52-38.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 18:43:25 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 115ms
115ms Image
image/gif 3.231.52.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7715769940160059&v=3307760297932530&s=2597044550277188&b=web&tv=4.0&sp=z&sp=0&sp=us&sp=hs_email&sp=um&sp=email&sp=uc&sp=226799727&sp=ua&sp=eNews&sp=ts&sp=1663785804374&sp=d&sp=give.ccf.org&sp=h&sp=%2Fgive%2F219429%2F&sp=t&sp=Cleveland%20Clinic%20INbox&sp=q&sp=%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=give.ccf.org&pp=q&pp=%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&pp=h&pp=%2Fgive%2F219429%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=Cleveland%20Clinic%20INbox&pp=ts&pp=1663785804374&id0=8563984142125318&k0=environment&k0=prod&k0=organization_id&k0=54819&k0=payment_processor&k0=Authorize.net&k0=campaign&k0=219429&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=label&k0=Begin%20Checkout&k0=action&k0=checkout&k0=currency&k0=USD&t0=Begin%20Checkout&ts0=1663785805061&st=1663785805062

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.52.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-52-38.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 18:43:25 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 m-outer-4f06ad5898a719d290c5609c37e6d5e4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8ACB 526 B
385 B 63ms
63ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-4f06ad5898a719d290c5609c37e6d5e4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-c235b297e0ebb82ed3cdd25a46321ffb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-c235b297e0ebb82ed3cdd25a46321ffb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 29
x-cache: HIT
content-length: 256
etag: "d96c709017743c0759cf3853d1806ba5"
x-request-id: 7ac56698-f26a-4ca6-b93e-48989e8d40d9
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Wed, 21 Sep 2022 18:08:33 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 65

GET
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/1/ 49 B
620 B 426ms
303ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/67fe2a1b26?a=363721230&v=1216.487a282&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3053&ck=1&ref=https://give.ccf.org/give/219429/&ap=392.133596&be=2045&fe=2594&dc=2592&tt=ea71b1cd11f2a02c&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1663785802025,%22n%22:0,%22f%22:189,%22dn%22:189,%22dne%22:590,%22c%22:590,%22s%22:611,%22ce%22:683,%22rq%22:683,%22rp%22:1733,%22rpe%22:1834,%22dl%22:1736,%22di%22:1836,%22ds%22:2043,%22de%22:2043,%22dc%22:2043,%22l%22:2043,%22le%22:2051%7D,%22navigation%22:%7B%7D%7D&fp=2998&fcp=2998&jsonp=NREUM.setToken
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 21 Sep 2022 18:43:25 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 74e4f2429f7e8fc8-FRA

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 1109ms
926ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://give.ccf.org/
Origin: https://give.ccf.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1538f"
vary: Accept-Encoding
x-hw: 1663785805.dop159.fr8.t,1663785805.cds160.fr8.hn,1663785805.cds057.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
74 KB 75ms
42ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5JWD9W&l=dataLayer

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab38289b5ddde94428c1ed6723e7c6e70ef4c8e3ed0cc89f3d979a4adc567788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76189
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Sep 2022 18:43:25 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 102ms
35ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-3837893-1&cid=1337448289.1663785804&jid=1878100970&gjid=2019228975&_gid=482322710.1663785804&_u=KGDACEAABAAAAC~&z=458623514

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.ccf.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Sep 2022 18:43:25 GMT
content-type: text/plain
access-control-allow-origin: https://give.ccf.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 98ms
36ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-718476-2&cid=1337448289.1663785804&jid=1459916894&gjid=1599090134&_gid=482322710.1663785804&_u=KGDACEABBAAAAC~&z=1254658181

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.ccf.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Sep 2022 18:43:25 GMT
content-type: text/plain
access-control-allow-origin: https://give.ccf.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/7577aaa2/www-widgetapi.vflset/ 161 KB
52 KB 59ms
20ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7577aaa2/www-widgetapi.vflset/www-widgetapi.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5469c6823b39982822ab045ac7388b68bcbce0548f799c5e5af3c8cf68196a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53514
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 00:17:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Sep 2023 17:28:24 GMT

GET
H/1.1 200
OK widget_iframe.c4bdc17e77719578b594d5555bee90db.html Show response
platform.twitter.com/widgets/ Frame EC18 320 KB
104 KB 27ms
26ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fgive.ccf.org
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBA) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://give.ccf.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1807206
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Sep 2022 18:43:25 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:57 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BBA)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 78ms
25ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.ccf.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:12:37 GMT
x-content-type-options: nosniff
age: 160248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 22:12:37 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 102ms
49ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.ccf.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:12:37 GMT
x-content-type-options: nosniff
age: 160248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 22:12:37 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 109ms
57ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.ccf.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:12:37 GMT
x-content-type-options: nosniff
age: 160248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 22:12:37 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 91ms
41ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.ccf.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 11:52:23 GMT
x-content-type-options: nosniff
age: 24662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 11:52:23 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 6D2E 930 B
2 KB 101ms
24ms Document
text/html 2600:9000:224a:9a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-4f06ad5898a719d290c5609c37e6d5e4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:9a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 21 Sep 2022 18:43:22 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
x-amz-cf-id: oEAaNjGZ1njUOCr3BvKeoBllCp6oBZB-LDnfcW893cK7V0SBqqaVKA==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ 28 KB
29 KB 95ms
73ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.ccf.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 11:52:23 GMT
x-content-type-options: nosniff
age: 24662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 11:52:23 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 90ms
68ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.ccf.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:12:37 GMT
x-content-type-options: nosniff
age: 160248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 22:12:37 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 27 KB
27 KB 84ms
62ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.ccf.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:12:37 GMT
x-content-type-options: nosniff
age: 160248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 22:12:37 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 25ms
25ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1247095346&t=pageview&_s=1&dl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Donate%20to%20Cleveland%20Clinic%20INbox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=1722063369&gjid=1359133154&cid=1337448289.1663785804&tid=UA-47551322-1&_gid=482322710.1663785804&_r=1&gtm=2wg9j0W5JWD9W&z=815909197

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.ccf.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.ccf.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
19 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 5247
date: Wed, 21 Sep 2022 17:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Wed, 21 Sep 2022 19:15:58 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 86ms
29ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15317
x-served-by: cache-iad-kcgs7200087-IAD, cache-vie6327-VIE

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 96ms
28ms Script
application/x-javascript 2a02:26f0:11a::6867:4843
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4843 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=80360
accept-ranges: bytes
content-length: 3063

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 60ms
19ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: 7RiZWpK/+EqRsHctjNw9FEN7I2Dv5zTuzXwhBLS7lCanJtZ5mb5Pgmy79KEyBpmKrn2cQcLiVymITOtF6f1nXQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 21 Sep 2022 18:43:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 67ms
16ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Wed, 21 Sep 2022 01:54:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 60518
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P7
X-Amz-Cf-Id: UuDEcqoOblbngF3hr0lU0HTsFnyZVeyF4jk3bmtshwiSOfSRgpNxHw==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame EC18 771 B
608 B 168ms
127ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=c8beecfd49298ce9c2a493a42abaa0b2ccb73611

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fgive.ccf.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time: 112
date: Wed, 21 Sep 2022 18:43:24 GMT
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 18:43:25 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: f4b2fd4ca202a50bc6d844f4133bb164080d8f117b04119e2a6df6163c022a6d
content-length: 327

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 132ms
44ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-47551322-1&cid=1337448289.1663785804&jid=1722063369&gjid=1359133154&_gid=482322710.1663785804&_u=aGDACEABBAAAAC~&z=1752906687

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.ccf.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Sep 2022 18:43:25 GMT
content-type: text/plain
access-control-allow-origin: https://give.ccf.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 6D2E 0
345 B 233ms
177ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 18:43:25 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 6D2E 86 KB
16 KB 31ms
30ms Script
text/javascript 2600:9000:224a:9a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:9a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
age: 135
date: Wed, 21 Sep 2022 18:41:10 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: svuzB3-1wd68jwLmpWel0mi8rFPxZD2pmJNEBVOickxyxyIMFoPTPw==
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"

GET
H3 200 350090272054116 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 204ms
170ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/350090272054116?v=2.9.83&r=stable

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62c6215bea43ccf89c416af84c99ff887415f4ef79e5480a5f975d52e912f253

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 8K4iSiX+7HhyTziipWpsYTGeG3LHVUQJ6vZIShESZC5FcZWLraVFs4Wj8DQHhMpA5fZVQ06lUtTkiq5D2HNpmg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 21 Sep 2022 18:43:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=312650&time=1663785805351&url=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hse...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D312650%26time%3D1663785805351%26url%3Dhttps%253A%252F%252Fgive.ccf.org%252Fgive%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=312650&time=1663785805351&url=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hse...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=312650&time=1663785805351&url=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hs...

0
264 B

205ms
167ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=312650&time=1663785805351&url=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23%21%2Fdonation%2Fcheckout&liSync=true&e_ipv6=AQLGXL-SJatURAAAAYNhXKj9FocGmejnWWVDhBcuGk0hWwwIoaZFJfgruvDmc52wKkZk-7NbkA
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 70799A0FCD72452982D1FC40FAF87AD5 Ref B: FRAEDGE1317 Ref C: 2022-09-21T18:43:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpNFH3O3mPyaipa/nzDA==
x-li-fabric: prod-ltx1

Redirect headers

date: Wed, 21 Sep 2022 18:43:26 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 929F471B6F5B451B99CB36B3A2286396 Ref B: FRAEDGE1510 Ref C: 2022-09-21T18:43:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=312650&time=1663785805351&url=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23%21%2Fdonation%2Fcheckout&liSync=true&e_ipv6=AQLGXL-SJatURAAAAYNhXKj9FocGmejnWWVDhBcuGk0hWwwIoaZFJfgruvDmc52wKkZk-7NbkA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpNFHz9nLki0Ij3+UPwA==

GET
H2 200 adsct
t.co/i/ 43 B
338 B 172ms
135ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=638205e1-6df2-4449-8eb4-c09be5ca1ed6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6aebe3c4-d1ed-4e61-b694-ed6971841be9&tw_document_href=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o378p&type=javascript&version=2.3.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time: 115
date: Wed, 21 Sep 2022 18:43:25 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 09cda835d909cda4508b7b5e3f089d713927b0ba5ad7b42848758f7fe083fff3
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
353 B 166ms
129ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=638205e1-6df2-4449-8eb4-c09be5ca1ed6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6aebe3c4-d1ed-4e61-b694-ed6971841be9&tw_document_href=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o378p&type=javascript&version=2.3.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time: 112
date: Wed, 21 Sep 2022 18:43:24 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: dfaec419b4aef88b4f448c04d0e7c0c326eee29ee3ea22aaeabe85f0dc679521
content-length: 43

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 607C 0
182 B 125ms
44ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=yj83vjt&ref=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout&upid=4l0ngrj&upv=1.1.0
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.ccf.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Wed, 21 Sep 2022 18:43:25 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
409 B 409ms
409ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=9274&currency=EUR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.ccf.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
via: 1.1 d46464e02ca4f5540906664a2cfbcce2.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
x-classypay-requestid: 6fb83a2c-c14f-4a5e-9944-dd5e6337f5d6
content-encoding: br
vary: Accept-Encoding
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 74e4f2443b4f23af-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: TS9N53Fb-K6cjO0gunsLyoNkeqBYtfn-eR_5nGqdbBCFR7orJGIo-w==

GET
H2 200 js Show response
www.paypal.com/sdk/ 322 KB
98 KB 376ms
174ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&enable-funding=venmo&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&merchant-id=X2XLXDV4SLHNG&commit=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9b35afa9d0d5a26dffebc42c98f1c170e8e75c3f9d60f7af5bc00b25c996134e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-pyBP7j1Nw6mHDBq/Xy/cWqPwp70zG1rigahOJfqEigl0szx8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pyBP7j1Nw6mHDBq/Xy/cWqPwp70zG1rigahOJfqEigl0szx8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-pyBP7j1Nw6mHDBq/Xy/cWqPwp70zG1rigahOJfqEigl0szx8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pyBP7j1Nw6mHDBq/Xy/cWqPwp70zG1rigahOJfqEigl0szx8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 7738
x-cache: HIT
p3p: true
paypal-debug-id: f8325000aa0f1
server-timing: "traceparent;desc="00-0000000000000000000f8325000aa0f1-2a53193a3f0a5cdf-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 98645
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
traceparent: 00-0000000000000000000f8325000aa0f1-25c4813bd4d8d609-01
x-timer: S1663785806.836128,VS0,VE3
x-frame-options: SAMEORIGIN
date: Wed, 21 Sep 2022 18:43:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"18155-HBcWyUr1U2izIeC5QVXA8MN881c"
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 6 Show response
m.stripe.com/ Frame 6D2E 156 B
522 B 613ms
238ms XHR
application/json 54.149.23.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.149.23.244 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-149-23-244.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

630b44e7fe943e5e28c06a45c919a46a7a7284d04e4eee93c5f60da0db05c198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 controller-4e33baadc1fe6b4b4459112809c6eec5.html Show response
js.stripe.com/v3/ Frame 47EE 297 B
694 B 61ms
60ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-4e33baadc1fe6b4b4459112809c6eec5.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

655fe21a3f9b54c20dd4caf3ef8771c13c806e9c25455edb7aeb00b5db09bb5b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.ccf.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 45
cache-control: max-age=60
content-encoding: br
content-length: 144
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 21 Sep 2022 18:43:25 GMT
etag: "4e33baadc1fe6b4b4459112809c6eec5"
last-modified: Wed, 21 Sep 2022 18:08:24 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 17
x-content-type-options: nosniff
x-request-id: 957b4443-2d86-4608-a012-7bf44b5ef599
x-served-by: cache-hhn4025-HHN

GET
H2 200 payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html Show response
js.stripe.com/v3/ Frame 37FB 380 B
890 B 60ms
59ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

64317b8b8ce3fa7e3c9d7822761387abc5b5bc062490cdc39ad7c3d81711dd88

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.ccf.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 35
cache-control: max-age=60
content-encoding: br
content-length: 174
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 21 Sep 2022 18:43:25 GMT
etag: "b2bb4f1cf70a16123d460c7f3a9639d5"
last-modified: Wed, 21 Sep 2022 18:08:34 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: c82d3536-223d-43a6-856d-9032126c1092
x-served-by: cache-hhn4025-HHN

GET
H2 200 payment-request-inner-browser-0fec4bd32fd77109809a26877d1c12f1.html Show response
js.stripe.com/v3/ Frame A4ED 316 B
225 B 75ms
69ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-0fec4bd32fd77109809a26877d1c12f1.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c21807c05b8d938ea317846276fa08f2a632893e792b4756e04d06da9cd15e51

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.ccf.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16
cache-control: max-age=60
content-encoding: br
content-length: 149
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 21 Sep 2022 18:43:25 GMT
etag: "0fec4bd32fd77109809a26877d1c12f1"
last-modified: Wed, 21 Sep 2022 18:08:34 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: db35b2fe-fa56-40c1-bcc1-0c85fbe5bb3e
x-served-by: cache-hhn4025-HHN

GET
H2 200 payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html Show response
js.stripe.com/v3/ Frame 82F9 380 B
251 B 71ms
70ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

64317b8b8ce3fa7e3c9d7822761387abc5b5bc062490cdc39ad7c3d81711dd88

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.ccf.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 35
cache-control: max-age=60
content-encoding: br
content-length: 174
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 21 Sep 2022 18:43:25 GMT
etag: "b2bb4f1cf70a16123d460c7f3a9639d5"
last-modified: Wed, 21 Sep 2022 18:08:34 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: 0ab18258-429d-4982-9cc4-e6755bda00a5
x-served-by: cache-hhn4025-HHN

GET
H2 200 payment-request-inner-browser-0fec4bd32fd77109809a26877d1c12f1.html Show response
js.stripe.com/v3/ Frame C111 316 B
922 B 69ms
69ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-0fec4bd32fd77109809a26877d1c12f1.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c21807c05b8d938ea317846276fa08f2a632893e792b4756e04d06da9cd15e51

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.ccf.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16
cache-control: max-age=60
content-encoding: br
content-length: 149
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 21 Sep 2022 18:43:25 GMT
etag: "0fec4bd32fd77109809a26877d1c12f1"
last-modified: Wed, 21 Sep 2022 18:08:34 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 110fcece-5748-4023-b94f-198d42135911
x-served-by: cache-hhn4025-HHN

POST
H2 200 csp-report
q.stripe.com/ Frame 47EE 0
570 B 178ms
177ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-02b776a981c57f3e5ca44f1266388c3c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 47EE 309 KB
71 KB 72ms
70ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-4e33baadc1fe6b4b4459112809c6eec5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

79a0c77054699d99c988a17016c3c9a24056051574bcecde5f1f767997fe3c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-4e33baadc1fe6b4b4459112809c6eec5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 45
x-cache: HIT
content-length: 72584
etag: "e49761504474bd10e0b93e85bfcfed2f"
x-request-id: f87ba2be-a21c-4fcd-b861-a4f5b5815dd7
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Wed, 21 Sep 2022 18:08:33 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18

GET
H2 200 controller-ff38a259d6f59bff3a3120c8e3c5d73a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 47EE 362 KB
91 KB 81ms
80ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-ff38a259d6f59bff3a3120c8e3c5d73a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-4e33baadc1fe6b4b4459112809c6eec5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

319577b06050d8c250288b4dcb91fe507d5accf083acf33fd91ad4a97a017ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-4e33baadc1fe6b4b4459112809c6eec5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 45
x-cache: HIT
content-length: 92908
etag: "3eb1aedcd64f68ea170da2d79aa1b3f9"
x-request-id: 495cc6b0-fc94-47d4-a341-cb53eee5b24b
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Wed, 21 Sep 2022 18:08:31 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17

POST
H2 200 csp-report
q.stripe.com/ Frame 37FB 0
570 B 176ms
176ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 37FB 0
570 B 177ms
177ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 37FB 102 KB
33 KB 162ms
73ms Script
application/javascript 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3db4a79a56cbaca3f123ece1b8d7bf261147bf60f11c8113dbdf9ba1377a4bc0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-r4x_jo8c4kPAR-qocK5AIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-r4x_jo8c4kPAR-qocK5AIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
expires: Wed, 21 Sep 2022 18:43:25 GMT

GET
H2 200 shared-02b776a981c57f3e5ca44f1266388c3c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 37FB 309 KB
71 KB 150ms
150ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

79a0c77054699d99c988a17016c3c9a24056051574bcecde5f1f767997fe3c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 45
x-cache: HIT
content-length: 72584
etag: "e49761504474bd10e0b93e85bfcfed2f"
x-request-id: 5cdb271b-3105-486c-ba77-ec3113b22706
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Wed, 21 Sep 2022 18:08:33 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19

GET
H2 200 payment-request-inner-google-pay-430cfe3c4f96fa90026d6c893f678fc7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 37FB 14 KB
5 KB 173ms
173ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-430cfe3c4f96fa90026d6c893f678fc7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

024a435dcde1fb6677eb40f9dad2563e398d1b4725d423e9970e354c5de599ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 35
x-cache: HIT
content-length: 4766
etag: "78f5d77dc033cc5f76ec923bd3dcd824"
x-request-id: 2cea63e7-def0-45e3-a63e-b599edb110da
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Wed, 21 Sep 2022 18:08:33 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 89ms
30ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=350090272054116&ev=PageView&dl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout&rl=&if=false&ts=1663785805608&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663785805606.1910299923&it=1663785805348&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 21 Sep 2022 18:43:25 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame C111 0
570 B 179ms
178ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C111 0
570 B 179ms
179ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A4ED 0
570 B 177ms
177ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A4ED 0
570 B 325ms
325ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 82F9 0
570 B 324ms
323ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 82F9 0
570 B 324ms
323ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-02b776a981c57f3e5ca44f1266388c3c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C111 309 KB
71 KB 160ms
159ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-0fec4bd32fd77109809a26877d1c12f1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

79a0c77054699d99c988a17016c3c9a24056051574bcecde5f1f767997fe3c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-0fec4bd32fd77109809a26877d1c12f1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 45
x-cache: HIT
content-length: 72584
etag: "e49761504474bd10e0b93e85bfcfed2f"
x-request-id: 405d36f6-0d54-4a9c-9681-3287f4f64152
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Wed, 21 Sep 2022 18:08:33 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 22

GET
H2 200 payment-request-inner-browser-4c30919277e47387736c248a41e63611.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C111 12 KB
4 KB 161ms
159ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-4c30919277e47387736c248a41e63611.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-0fec4bd32fd77109809a26877d1c12f1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8c3392e876d4b5c778e0d0ae787502252e3353b59149063e1f6a1a85216cb9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-0fec4bd32fd77109809a26877d1c12f1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 76
x-cache: HIT
content-length: 4424
etag: "13563263f55505d5822aae879d83b8c6"
x-request-id: 3e7eb8e1-aef5-489e-aba7-8392efa2cc09
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Wed, 21 Sep 2022 18:08:33 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 shared-02b776a981c57f3e5ca44f1266388c3c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A4ED 309 KB
71 KB 150ms
149ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-0fec4bd32fd77109809a26877d1c12f1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

79a0c77054699d99c988a17016c3c9a24056051574bcecde5f1f767997fe3c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-0fec4bd32fd77109809a26877d1c12f1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 45
x-cache: HIT
content-length: 72584
etag: "e49761504474bd10e0b93e85bfcfed2f"
x-request-id: 1a4ed356-6f7e-4261-9397-1156640f41c9
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Wed, 21 Sep 2022 18:08:33 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 21

GET
H2 200 payment-request-inner-browser-4c30919277e47387736c248a41e63611.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A4ED 12 KB
4 KB 186ms
185ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-4c30919277e47387736c248a41e63611.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-0fec4bd32fd77109809a26877d1c12f1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8c3392e876d4b5c778e0d0ae787502252e3353b59149063e1f6a1a85216cb9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-0fec4bd32fd77109809a26877d1c12f1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 16
x-cache: HIT
content-length: 4424
etag: "13563263f55505d5822aae879d83b8c6"
x-request-id: cd81b4c1-ab2c-4da6-8a0f-4d1dd2409796
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Wed, 21 Sep 2022 18:08:33 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 82F9 101 KB
32 KB 164ms
105ms Script
application/javascript 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71a4954bfc82b7512ffe6f4c8a53e763a37157f399c94b13b2fe4bd423b5e86e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-GVEnJxV17D8Lk07EHUv27Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-GVEnJxV17D8Lk07EHUv27Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
expires: Wed, 21 Sep 2022 18:43:25 GMT

GET
H2 200 shared-02b776a981c57f3e5ca44f1266388c3c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 82F9 309 KB
71 KB 150ms
150ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

79a0c77054699d99c988a17016c3c9a24056051574bcecde5f1f767997fe3c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 45
x-cache: HIT
content-length: 72584
etag: "e49761504474bd10e0b93e85bfcfed2f"
x-request-id: 3340247b-9624-45e4-bc19-3ab5407d1695
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Wed, 21 Sep 2022 18:08:33 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 21

GET
H2 200 payment-request-inner-google-pay-430cfe3c4f96fa90026d6c893f678fc7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 82F9 14 KB
5 KB 149ms
149ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-430cfe3c4f96fa90026d6c893f678fc7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

024a435dcde1fb6677eb40f9dad2563e398d1b4725d423e9970e354c5de599ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b2bb4f1cf70a16123d460c7f3a9639d5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 35
x-cache: HIT
content-length: 4766
etag: "78f5d77dc033cc5f76ec923bd3dcd824"
x-request-id: 218a95b1-622d-43af-90cc-f12a76da4772
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Wed, 21 Sep 2022 18:08:33 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 1489-8b86da401d493fc7478fbafda5019691.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 47EE 231 KB
47 KB 68ms
67ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/1489-8b86da401d493fc7478fbafda5019691.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-ff38a259d6f59bff3a3120c8e3c5d73a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-4e33baadc1fe6b4b4459112809c6eec5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 49
x-cache: HIT
content-length: 47921
etag: "ab675b71d19378124fcdf3c0f6dad353"
x-request-id: 06c4aa5a-5ba3-4d7d-91a5-adb1f9eec7ea
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Tue, 20 Sep 2022 13:38:28 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18

GET
H2 200 phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 47EE 2 KB
898 B 67ms
66ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-ff38a259d6f59bff3a3120c8e3c5d73a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-4e33baadc1fe6b4b4459112809c6eec5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: HIT
content-length: 770
etag: "f1717e2e478c68d16ccd7b37768700be"
x-request-id: c7bf1ba2-9155-4c4a-84fa-e8a0966a8826
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 20:31:43 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 47EE 474 B
605 B 246ms
120ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

832c54ad6c8addc256595ba560d89e22226d6d740b0d06bbaa188cceda67d5ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-4e33baadc1fe6b4b4459112809c6eec5.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 21 Sep 2022 18:43:25 GMT
content-encoding: br
vary: Accept-Encoding
age: 31
x-cache: HIT
content-length: 294
x-request-id: 7241a730-1e2f-4445-8bb4-9b56143e82a5
x-served-by: cache-hhn4022-HHN
access-control-allow-origin: *
last-modified: Wed, 21 Sep 2022 18:41:39 GMT
server: Fastly
etag: "be03e816679e3955e60748f2596d7b64"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame D17A 18 KB
7 KB 211ms
117ms Document
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99d67c7ae3ef003dadc7cbafd121fe1ef16f427f0955ec0e46a51d7da338d83e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HLko1hn4WCm63q1VGkXalQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-HLko1hn4WCm63q1VGkXalQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 21 Sep 2022 18:43:25 GMT
expires: Wed, 21 Sep 2022 18:43:25 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 5D07 18 KB
7 KB 149ms
99ms Document
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a460d6273594ccf19c66aa325c93a1c9df2eb805d4eb9b0a1d3583c3df4aebce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-26kJu4HJakuSCqBfnAv5Mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-26kJu4HJakuSCqBfnAv5Mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 21 Sep 2022 18:43:25 GMT
expires: Wed, 21 Sep 2022 18:43:25 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1247095346&t=timing&_s=7&dl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Donate%20to%20Cleveland%20Clinic%20INbox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1663785804680&utt=3847&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1337448289.1663785804&tid=UA-3837893-1&_gid=482322710.1663785804&cd1=54819&cd2=Classy%20Pay&cd3=1&cd4=donation&cd5=219429&cd6=campaign&cd11=recurring%20optimization&z=1408121019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 07:22:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40833
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK 67fe2a1b26 Show response
bam.nr-data.net/events/1/ 24 B
400 B 191ms
190ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1216.487a282&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=3854&ck=1&ref=https://give.ccf.org/give/219429/
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://give.ccf.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 21 Sep 2022 18:43:26 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://give.ccf.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 74e4f246cd248fc8-FRA
Content-Length: 24

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
6 KB 80ms
79ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=give.ccf.org&t=xo&v=5.0.332&source=payments_sdk&mrid=X2XLXDV4SLHNG&client_id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&comp=buttons,funding-eligibility&vault=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4fa35a1279e5eff82060ec2bd41b30b72d299228912d4ed64269f943fddbc0f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-05WlqgIPI4uvqmfS/hjaF1zorTcvYGOg5fNUMU7p7bvdiKKO' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-05WlqgIPI4uvqmfS/hjaF1zorTcvYGOg5fNUMU7p7bvdiKKO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 32325
x-cache: HIT
paypal-debug-id: f5982337296d3
server-timing: "traceparent;desc="00-0000000000000000000f5982337296d3-3e0faf32d592c695-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4772
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4052-HHN
traceparent: 00-0000000000000000000f5982337296d3-9ef6a151babe3dd5-01
x-timer: S1663785806.016670,VS0,VE4
x-frame-options: SAMEORIGIN
date: Wed, 21 Sep 2022 18:43:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
etag: W/"3560-Mdrp87F3TU2FT1ukpOEcDzfjJHQ"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 js Show response
www.paypal.com/sdk/ 314 KB
94 KB 84ms
84ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&intent=tokenize&vault=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

532dd1ba7d42f8d20324e98a5b32629523b3b92cb4a135e88c3c4f7883234753

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-Q+Kj/Ro37EsohWjVj/69JIK38qKeOEpEYDLrtYoRIsduEQmt' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Q+Kj/Ro37EsohWjVj/69JIK38qKeOEpEYDLrtYoRIsduEQmt' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Q+Kj/Ro37EsohWjVj/69JIK38qKeOEpEYDLrtYoRIsduEQmt' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Q+Kj/Ro37EsohWjVj/69JIK38qKeOEpEYDLrtYoRIsduEQmt' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 8397
x-cache: HIT
p3p: true
paypal-debug-id: f57448374d6ca
server-timing: "traceparent;desc="00-0000000000000000000f57448374d6ca-8c4c44b36bc3e18b-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 95057
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
traceparent: 00-0000000000000000000f57448374d6ca-860f058731355a82-01
x-timer: S1663785806.018486,VS0,VE5
x-frame-options: SAMEORIGIN
date: Wed, 21 Sep 2022 18:43:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"17351-9JR4BwKv7qEVRAYBwHQeiNyHxs4"
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1014 B
2 KB 297ms
296ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1163a9ea7aa40907ea1095e84fb3e00d9a882b8289766745af9bb3a86a16d5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://give.ccf.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: application/json

Response headers

date: Wed, 21 Sep 2022 18:43:26 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f563469e28c25
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4057-HHN
traceparent: 00-0000000000000000000f563469e28c25-92f2d92fc6ea4970-01
x-timer: S1663785806.484345,VS0,VE185
etag: W/W/"3f6-Z4WeFVkXafALC21sm0lgBg2E640"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://give.ccf.org
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 385ms
256ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.ccf.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://give.ccf.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 21 Sep 2022 18:43:26 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f5634694af287
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f5634694af287-0d1eea169c0ed254-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4057-HHN
x-timer: S1663785806.184916,VS0,VE191

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 192ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 191ms
184ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 191ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 192ms
186ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 191ms
186ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 187ms
183ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 188ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 188ms
185ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 187ms
184ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 187ms
186ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 188ms
187ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 187ms
187ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 186ms
186ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 186ms
186ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 359ms
359ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 5D07 2 KB
2 KB 44ms
44ms Other
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Sep 2022 18:43:26 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh... Frame 5D07 153 KB
55 KB 81ms
17ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f97b7d947fa5ccf3bdaf6f3d1163269dbc975678f0e0e856b956c4573ea16091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 16:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55161
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 10:43:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 16:38:29 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame D17A 2 KB
2 KB 44ms
43ms Other
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Sep 2022 18:43:26 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 251ms
67ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 84840867de170
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 16464
x-served-by: cache-sjc10072-SJC, cache-hhn4024-HHN
last-modified: Tue, 03 May 2022 17:28:29 GMT
x-timer: S1663785806.284085,VS0,VE0
etag: W/"6271663d-da91"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 224096, 442879

GET
H2 200 ts
t.paypal.com/ 42 B
750 B 288ms
183ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AX2XLXDV4SLHNG-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AX2XLXDV4SLHNG-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0774d722-0619-4df5-8e10-7406e1730796&fltp=analytics&mrid=X2XLXDV4SLHNG&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donate%20to%20Cleveland%20Clinic%20INbox&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1663785806036&g=0&completeurl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C87) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 18:43:26 GMT
content-type: image/gif
server: ECAcc (frc/4C87)
traceparent: 00-0000000000000000000a18bffa3b19f0-f07984d7b586a65d-01
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: a18bffa3b19f0
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=162
timing-allow-origin: *
content-length: 42
expires: Wed, 21 Sep 2022 18:43:26 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh... Frame D17A 153 KB
54 KB 75ms
34ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f97b7d947fa5ccf3bdaf6f3d1163269dbc975678f0e0e856b956c4573ea16091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 16:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55161
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 10:43:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 16:38:29 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 442ms
441ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=give.ccf.org&t=xo&v=5.0.332&source=payments_sdk&client_id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&comp=buttons,funding-eligibility&vault=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-8PvPVLic8HI4dUaKL2O+Q7oWVr1JzB8A2FKMzuj8QIHRZ2UG' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-8PvPVLic8HI4dUaKL2O+Q7oWVr1JzB8A2FKMzuj8QIHRZ2UG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: HIT
paypal-debug-id: f27112113306f
server-timing: "traceparent;desc="00-0000000000000000000f27112113306f-5b981fd014d35140-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4052-HHN
traceparent: 00-0000000000000000000f27112113306f-f9f81158230e3ff3-01
x-timer: S1663785806.151789,VS0,VE365
x-frame-options: SAMEORIGIN
date: Wed, 21 Sep 2022 18:43:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
accept-ranges: bytes
x-cache-hits: 1

GET ProximaNova-Bold-webfont.woff
479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com/ 0
0

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 58ms
27ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=350090272054116&ev=Microdata&dl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout&rl=&if=false&ts=1663785806158&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20to%20Cleveland%20Clinic%20INbox%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Classy%22%2C%22og%3Atype%22%3A%22website%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.classy.org%2F7270276%2F1deaa286-d3ac-11e8-bc11-0e100ed73580.jpg%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fassets.classy.org%2F7270276%2F1deaa286-d3ac-11e8-bc11-0e100ed73580.jpg%22%2C%22og%3Atitle%22%3A%22Donate%20to%20Cleveland%20Clinic%20INbox%22%2C%22twitter%3Atitle%22%3A%22Donate%20to%20Cleveland%20Clinic%20INbox%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663785805606.1910299923&it=1663785805348&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 21 Sep 2022 18:43:26 GMT

POST
H3 200 / Show response
notify.bugsnag.com/ 2 B
16 B 169ms
168ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4.0
Referer: https://give.ccf.org/
Bugsnag-Sent-At: 2022-09-21T18:43:26.164Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 21 Sep 2022 18:43:26 GMT
via: 1.1 google
bugsnag-event-id: 632b5b4e00973d41c9c50000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8

OPTIONS
H3 200 /
notify.bugsnag.com/ Frame 0
0 160ms
160ms Preflight 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://give.ccf.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 21 Sep 2022 18:43:26 GMT
via: 1.1 google

POST
H3 200 / Show response
notify.bugsnag.com/ 2 B
16 B 163ms
159ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: cxd3d04.na1.hubspotlinks.com
URL: https://cxd3d04.na1.hubspotlinks.com/Ctc/I4+113/cxD3d04/VWlyQ49gNMMKW59kDVC6jryQcW6mk3Cf4Qc_n6N6N1vYX3q905V1-WJV7CgZgGW4DVlVF5wd5FgW20GGQm6DZyTDW1B8bZP5vhF4TW3-p78s11S7JxW2G58V_5C80b4W6-dPNl710nGxW3KXr728qMdWpN68-25M4tFTYW3xn2zw6JRPDCVJWNK24RkNf_W7J-c1b67nv2cN9cC_cZPWQ1NW5z5Pt73yZqp9N2H_NBlQ-THlW3lQ2ft6ZRXGdW6p240z2P5HfdW3pWHZ24wM8bcW2vW2d54bCvKzN8dXD6KMlBS9W6K-6Ff5ZtnQjW7_Fjs41B8mF1W3FBSGq8PmTPbN2cM0yJRXXM6W69LQfT762RBM3c_p1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4.0
Referer: https://give.ccf.org/
Bugsnag-Sent-At: 2022-09-21T18:43:26.168Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 21 Sep 2022 18:43:26 GMT
via: 1.1 google
bugsnag-event-id: 632b5b4e00971fcb144f0000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8

OPTIONS
H3 200 /
notify.bugsnag.com/ Frame 0
0 161ms
161ms Preflight 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://give.ccf.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 21 Sep 2022 18:43:26 GMT
via: 1.1 google

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5y... Frame 5D07 78 KB
28 KB 56ms
23ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5yGE8yrZ4Q.L.B1.O/am=B4A/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhalx-xmjXOkOrYk2NftCmSWU4Iqw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

551c71f7ac1cd64bcaae0fdad7d5991e712e010f9fd2cad47af5df4c652b4bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 16:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29014
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 02:26:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 16:38:29 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5y... Frame D17A 78 KB
28 KB 45ms
18ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

551c71f7ac1cd64bcaae0fdad7d5991e712e010f9fd2cad47af5df4c652b4bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 16:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29014
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 02:26:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 16:38:29 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1016 B
1 KB 282ms
281ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fcfefb35019ae26daa49fa9e2c7ba1375a32f3d9de8c5982efced5ac78729e4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://give.ccf.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: application/json

Response headers

date: Wed, 21 Sep 2022 18:43:26 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f498209a06a53
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4057-HHN
traceparent: 00-0000000000000000000f498209a06a53-5bdec635101e10ec-01
x-timer: S1663785807.539226,VS0,VE177
etag: W/W/"3f8-7jxG6BjvdOC9wG5Wp2Pehhl0dvs"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://give.ccf.org
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 238ms
238ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.ccf.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://give.ccf.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 21 Sep 2022 18:43:26 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f56346983fa96
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f56346983fa96-47095f694185eea7-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4057-HHN
x-timer: S1663785806.268006,VS0,VE171

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1018 B
2 KB 800ms
799ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e1f78417c087df2d3aadc913210a981b51291c946b7edc79891a6e7e63043f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://give.ccf.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: application/json

Response headers

date: Wed, 21 Sep 2022 18:43:27 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f498209579dfc
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4057-HHN
traceparent: 00-0000000000000000000f498209579dfc-2cab077c894a258a-01
x-timer: S1663785807.265971,VS0,VE188
etag: W/W/"3fa-h5HfPF7FfekohsmXy6XMCHdCGVs"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://give.ccf.org
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 448ms
447ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://give.ccf.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://give.ccf.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 21 Sep 2022 18:43:26 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f563469363efb
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f563469363efb-038e943388ab0d17-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4057-HHN
x-timer: S1663785806.484378,VS0,VE171

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
give.ccf.org/sso/ssobuild/js/ 34 KB
9 KB 603ms
602ms XHR
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.ccf.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a420d3aaef8542c2952614ab83b697fcb3d1c57c7728b3565876611b5f06ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-7dd88d34843984a4----1663785806251
traceparent: 00-37b812f52b9020871272d5e06843e6b0-7dd88d34843984a4-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3ZGQ4OGQzNDg0Mzk4NGE0IiwidHIiOiIzN2I4MTJmNTJiOTAyMDg3MTI3MmQ1ZTA2ODQzZTZiMCIsInRpIjoxNjYzNzg1ODA2MjUxfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 21 Sep 2022 18:43:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 26 Jul 2022 17:16:50 GMT
server: cloudflare
etag: W/"62e02182-893d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 74e4f2492f24cc56-ZRH
expires: Thu, 21 Sep 2023 18:43:26 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame D17A 49 KB
19 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5yGE8yrZ4Q.L.B1.O/am=B4A/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhalx-xmjXOkOrYk2NftCmSWU4Iqw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 5248
date: Wed, 21 Sep 2022 17:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Wed, 21 Sep 2022 19:15:58 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame D17A 1 MB
353 KB 95ms
95ms XHR
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d951327fdfca1c53853f7e6ee7617270333d2c8b686a7e9c763cc7a122fe5772

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-lZlXpnOEwjY_HiEz6B3wyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Wed, 21 Sep 2022 18:43:26 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-lZlXpnOEwjY_HiEz6B3wyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
expires: Wed, 21 Sep 2022 18:43:26 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 5D07 49 KB
19 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5yGE8yrZ4Q.L.B1.O/am=B4A/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhalx-xmjXOkOrYk2NftCmSWU4Iqw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 5248
date: Wed, 21 Sep 2022 17:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Wed, 21 Sep 2022 19:15:58 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 5D07 1 MB
352 KB 115ms
115ms XHR
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca523da4356f589fcbfcce65e4c943642070c8bbc6cc965450250498d6451fc8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-JtzhUUy4n05y46H5wIEbkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Wed, 21 Sep 2022 18:43:26 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-JtzhUUy4n05y46H5wIEbkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
expires: Wed, 21 Sep 2022 18:43:26 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5y... Frame D17A 18 KB
7 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5yGE8yrZ4Q.L.B1.O/am=B4A/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhalx-xmjXOkOrYk2NftCmSWU4Iqw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84a1b3effb0f9966d6d7d65d3de620697d259a669b9753d569a00545f8abd8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 16:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7398
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 02:26:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 16:38:29 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5y... Frame D17A 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5yGE8yrZ4Q.L.B1.O/am=B4A/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhalx-xmjXOkOrYk2NftCmSWU4Iqw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e02d532255755964d5ec0312b0d9a1389afb3965f9cd7850191f68e7391d85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 16:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13986
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 02:26:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 16:38:29 GMT

POST
H3 200 log Show response
play.google.com/ Frame D17A 131 B
155 B 158ms
96ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:43:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 595ms
62ms Preflight
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Sep 2022 18:43:26 GMT
expires: Wed, 21 Sep 2022 18:43:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D17A 131 B
155 B 140ms
80ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:43:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 590ms
62ms Preflight
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Sep 2022 18:43:26 GMT
expires: Wed, 21 Sep 2022 18:43:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D17A 131 B
155 B 155ms
96ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:43:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 587ms
62ms Preflight
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Sep 2022 18:43:26 GMT
expires: Wed, 21 Sep 2022 18:43:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D17A 131 B
155 B 153ms
94ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:43:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 582ms
63ms Preflight
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Sep 2022 18:43:26 GMT
expires: Wed, 21 Sep 2022 18:43:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D17A 131 B
155 B 156ms
98ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:43:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 575ms
63ms Preflight
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Sep 2022 18:43:26 GMT
expires: Wed, 21 Sep 2022 18:43:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 42BB 54 KB
17 KB 65ms
65ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.ccf.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Wed, 21 Sep 2022 18:43:26 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6271663d-d994"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 50b39f10d2761
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 266413, 469842
x-content-type-options: nosniff
x-served-by: cache-sjc10044-SJC, cache-hhn4024-HHN
x-timer: S1663785806.397344,VS0,VE0

POST
H3 200 log Show response
play.google.com/ Frame D17A 131 B
155 B 155ms
96ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:43:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 556ms
64ms Preflight
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Sep 2022 18:43:26 GMT
expires: Wed, 21 Sep 2022 18:43:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 181ms
180ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 181ms
181ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 log Show response
play.google.com/ Frame D17A 131 B
671 B 575ms
94ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:26 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:43:26 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5y... Frame 5D07 18 KB
7 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5yGE8yrZ4Q.L.B1.O/am=B4A/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhalx-xmjXOkOrYk2NftCmSWU4Iqw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84a1b3effb0f9966d6d7d65d3de620697d259a669b9753d569a00545f8abd8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 16:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7398
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 02:26:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 16:38:29 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5y... Frame 5D07 37 KB
14 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5yGE8yrZ4Q.L.B1.O/am=B4A/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhalx-xmjXOkOrYk2NftCmSWU4Iqw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e02d532255755964d5ec0312b0d9a1389afb3965f9cd7850191f68e7391d85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 16:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13986
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 02:26:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 16:38:29 GMT

POST
H3 200 log Show response
play.google.com/ Frame 5D07 131 B
155 B 154ms
96ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:43:27 GMT

POST
H3 200 log Show response
play.google.com/ Frame 5D07 131 B
155 B 100ms
65ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:43:27 GMT

POST
H3 200 log Show response
play.google.com/ Frame 5D07 131 B
155 B 136ms
97ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:43:27 GMT

POST
H3 200 log Show response
play.google.com/ Frame 5D07 131 B
155 B 152ms
94ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:43:27 GMT

POST
H3 200 log Show response
play.google.com/ Frame 5D07 131 B
155 B 128ms
92ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:43:27 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 178ms
178ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 179ms
179ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 177ms
177ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 112ms
111ms Image
image/gif 3.231.52.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7715769940160059&v=3307760297932530&s=2597044550277188&b=web&tv=4.0&sp=us&sp=hs_email&sp=um&sp=email&sp=uc&sp=226799727&sp=ua&sp=eNews&sp=ts&sp=1663785804374&sp=d&sp=give.ccf.org&sp=h&sp=%2Fgive%2F219429%2F&sp=q&sp=%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=give.ccf.org&pp=q&pp=%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&pp=h&pp=%2Fgive%2F219429%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=Cleveland%20Clinic%20INbox&pp=ts&pp=1663785804374&id0=7419589069584800&k0=environment&k0=prod&k0=organization_id&k0=54819&k0=payment_processor&k0=Authorize.net&k0=campaign&k0=219429&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1663785806.556640551156&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1663785806402&st=1663785806403

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.52.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-52-38.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 18:43:26 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 GooglePay-logo.svg
give.ccf.org/static/global/images/digitalWallets/ 3 KB
1 KB 485ms
484ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.ccf.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 18:43:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Aug 2022 16:53:28 GMT
server: cloudflare
etag: W/"630f9208-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 74e4f24a2837cc56-ZRH
expires: Thu, 21 Sep 2023 18:43:26 GMT

POST
H3 200 log Show response
play.google.com/ Frame 5D07 131 B
155 B 131ms
95ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:27 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:43:27 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 182ms
181ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 181ms
180ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 180ms
179ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 112ms
112ms Image
image/gif 3.231.52.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7715769940160059&v=3307760297932530&s=2597044550277188&b=web&tv=4.0&sp=us&sp=hs_email&sp=um&sp=email&sp=uc&sp=226799727&sp=ua&sp=eNews&sp=ts&sp=1663785804374&sp=d&sp=give.ccf.org&sp=h&sp=%2Fgive%2F219429%2F&sp=q&sp=%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=give.ccf.org&pp=q&pp=%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&pp=h&pp=%2Fgive%2F219429%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=Cleveland%20Clinic%20INbox&pp=ts&pp=1663785804374&id0=666359176056695&k0=environment&k0=prod&k0=organization_id&k0=54819&k0=payment_processor&k0=Authorize.net&k0=campaign&k0=219429&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&k0=event_id&k0=1663785806.747346889086&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1663785806421&st=1663785806421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.52.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-52-38.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 18:43:26 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 log Show response
play.google.com/ Frame 5D07 131 B
273 B 509ms
94ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.w9cozvSXkL0.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhCxka6a50KyTn1gG_ORS0pTzZRrQ/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 18:43:26 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 21 Sep 2022 18:43:26 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
496 B 186ms
185ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Donate%20to%20Cleveland%20Clinic%20INbox&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1663785806527&g=0&completeurl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF2) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 18:43:26 GMT
content-type: image/gif
server: ECAcc (frc/4CF2)
traceparent: 00-00000000000000000000058fb2a4f323-1eac348d72a3a36f-01
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 0058fb2a4f323
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=169
timing-allow-origin: *
content-length: 42
expires: Wed, 21 Sep 2022 18:43:26 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 533ms
64ms Preflight
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Sep 2022 18:43:26 GMT
expires: Wed, 21 Sep 2022 18:43:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 551ms
86ms Preflight
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Sep 2022 18:43:26 GMT
expires: Wed, 21 Sep 2022 18:43:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 544ms
85ms Preflight
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Sep 2022 18:43:26 GMT
expires: Wed, 21 Sep 2022 18:43:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 519ms
65ms Preflight
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Sep 2022 18:43:26 GMT
expires: Wed, 21 Sep 2022 18:43:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 536ms
86ms Preflight
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Sep 2022 18:43:26 GMT
expires: Wed, 21 Sep 2022 18:43:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 517ms
86ms Preflight
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 21 Sep 2022 18:43:26 GMT
expires: Wed, 21 Sep 2022 18:43:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 status Show response
give.ccf.org/sso/ 89 B
1 KB 248ms
247ms XHR
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.ccf.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery33104530055482595423_1663785806248&_=1663785806249

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

f6a0b43990d833ea5eae1cf13d058ba1d6e189d34544e27f1c49f9bfea3d920b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-674c509d6c019bb1----1663785806869
traceparent: 00-25c266de448b6f955702fa4b67feb5d6-674c509d6c019bb1-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2NzRjNTA5ZDZjMDE5YmIxIiwidHIiOiIyNWMyNjZkZTQ0OGI2Zjk1NTcwMmZhNGI2N2ZlYjVkNiIsInRpIjoxNjYzNzg1ODA2ODY5fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email
X-Requested-With: XMLHttpRequest

Response headers

cf-ray: 74e4f24d0c2dcc56-ZRH
date: Wed, 21 Sep 2022 18:43:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.40
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 ts
t.paypal.com/ 42 B
482 B 179ms
178ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AX2XLXDV4SLHNG-1&page=muse%3Aoffer%3A%3A%3AX2XLXDV4SLHNG-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0774d722-0619-4df5-8e10-7406e1730796&es=visitorInfoFlowStarted&mrid=X2XLXDV4SLHNG&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donate%20to%20Cleveland%20Clinic%20INbox&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1663785806871&g=0&completeurl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF2) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 18:43:26 GMT
content-type: image/gif
server: ECAcc (frc/4CF2)
traceparent: 00-00000000000000000005f05a13acdbcb-e3b4bdafdfd3ccb4-01
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 5f05a13acdbcb
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=163
timing-allow-origin: *
content-length: 42
expires: Wed, 21 Sep 2022 18:43:26 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 42BB 443 B
2 KB 691ms
691ms Fetch
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d27b311d907b1e5a765d922bd36404b6bf709408e7f0436bf049f89a4d1d356

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-aCuupGARNjNDR8HxczMd87a6bnTYzatoOVg8GYRc+7ufF7yW' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-aCuupGARNjNDR8HxczMd87a6bnTYzatoOVg8GYRc+7ufF7yW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
vary: Accept-Encoding
x-cache: MISS
paypal-debug-id: f626221d5598f
date: Wed, 21 Sep 2022 18:43:28 GMT
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4052-HHN
traceparent: 00-0000000000000000000f626221d5598f-308c2110b7a49581-01
x-timer: S1663785808.503898,VS0,VE626
x-frame-options: SAMEORIGIN
etag: W/W/"1bb-FyHG0jKVv2j2ikQIdDvvmplmn+M"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
content-encoding: br
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 568ms
568ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 21 Sep 2022 18:43:27 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f49820967b60d
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f49820967b60d-62790108365ff89b-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4057-HHN
x-timer: S1663785807.266059,VS0,VE170

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 110ms
110ms Image
image/gif 3.231.52.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7715769940160059&v=3307760297932530&s=2597044550277188&b=web&tv=4.0&sp=us&sp=hs_email&sp=um&sp=email&sp=uc&sp=226799727&sp=ua&sp=eNews&sp=ts&sp=1663785804374&sp=d&sp=give.ccf.org&sp=h&sp=%2Fgive%2F219429%2F&sp=q&sp=%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=give.ccf.org&pp=q&pp=%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&pp=h&pp=%2Fgive%2F219429%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=Cleveland%20Clinic%20INbox&pp=ts&pp=1663785804374&id0=6322876510064976&k0=environment&k0=prod&k0=organization_id&k0=54819&k0=payment_processor&k0=Authorize.net&k0=campaign&k0=219429&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&k0=event_id&k0=1663785807.29363066583&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1663785807122&st=1663785807123

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.52.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-52-38.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 18:43:27 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
16ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1247095346&t=pageview&_s=8&dl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&dp=%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1337448289.1663785804&tid=UA-3837893-1&_gid=482322710.1663785804&cd1=54819&cd2=Classy%20Pay&cd3=1&cd4=donation&cd5=219429&cd6=campaign&cd11=recurring%20optimization&z=1117786436

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 07:22:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40835
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1247095346&t=pageview&_s=2&dl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email&dp=%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1337448289.1663785804&tid=UA-718476-2&_gid=482322710.1663785804&z=1256499234

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 07:22:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40835
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
539 B 188ms
187ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AX2XLXDV4SLHNG-1&page=muse%3Aoffer%3A%3A%3AX2XLXDV4SLHNG-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0774d722-0619-4df5-8e10-7406e1730796&es=visitorInfo&cust=identified&mrid=X2XLXDV4SLHNG&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donate%20to%20Cleveland%20Clinic%20INbox&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&unsc=8&identifier_used=DFP&e=im&t=1663785808140&g=0&completeurl=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA7) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 18:43:28 GMT
content-type: image/gif
server: ECAcc (frc/4CA7)
traceparent: 00-0000000000000000000cd863d1fe585d-ea5d8beeb159eda1-01
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: cd863d1fe585d
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=170
timing-allow-origin: *
content-length: 42
expires: Wed, 21 Sep 2022 18:43:28 GMT

GET
H2 200 trusted-types-checker-b31b0d3b211d1247a37e6120682932ed.js Show response
js.stripe.com/v3/fingerprinted/js/ 174 B
374 B 55ms
54ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-b31b0d3b211d1247a37e6120682932ed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

79db4d79a6e53e3aa9b5703a1156cc9accef42d4d3d31b5019d2eabf216fa751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.ccf.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 12
x-cache: HIT
content-length: 119
etag: "5cbd8f0579eb735eea933bbd78b29553"
x-request-id: 568da7d3-6980-4d7d-958b-7ea0d460e860
x-served-by: cache-hhn4025-HHN
access-control-allow-origin: *
last-modified: Tue, 06 Sep 2022 18:34:38 GMT
server: Fastly
date: Wed, 21 Sep 2022 18:43:30 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET ProximaNova-Bold-webfont.ttf
479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com/ 0
0

POST
H2 200 0 Show response
r.stripe.com/ Frame 47EE 0
127 B 180ms
180ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-02b776a981c57f3e5ca44f1266388c3c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 21 Sep 2022 18:43:30 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com
URL: https://479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com/ProximaNova-Bold-webfont.woff

Domain: 479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com
URL: https://479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com/ProximaNova-Bold-webfont.ttf

Verdicts & Comments Add Verdict or Comment

204 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
give.ccf.org/	1970-01-20 15:45:45	Name: connect.sid Value: s%3AAPWd8uDd5E1PYNXzkwnb9GNtWgiGs1-T.EHXsSWLJowIqtcxg53uUkxT%2BEDRPxRKNc1OejjfQ9gg
.give.ccf.org/	1970-01-20 06:09:47	Name: __cf_bm Value: wbsuo9O4V5l9qgMSBH1ZQcUxJXmHToTZLlRhPzm0Yfk-1663785803-0-AZsoYmY/VCNkvxV1UqME6tLGi1xNTfi/b5akCZHxYytXjBMHmDC+I+S7Jp4BLBATIQHzwbqKetE/mSgAuBksrcA=
.give.ccf.org/	1969-12-31 23:59:59	Name: __cfruid Value: 229735cdfa0187818f41297dc102db032683a6f8-1663785803
.classy.org/	1970-01-20 06:09:47	Name: __cf_bm Value: AzrdKJD1X3XocKCvPir4pbMgrwTT5Xb05dTGyUgIZkE-1663785803-0-ARl4c2mfubdYQWJOIy6y8tedcUi92UYU5jAIpOUPo4TfKTI8JBI2nW4KDpU4u/0zmVHJ/913LIBYvhPiKMoaEXw=
.ccf.org/	1970-01-20 15:45:45	Name: _ga Value: GA1.2.1337448289.1663785804
.ccf.org/	1970-01-20 06:11:12	Name: _gid Value: GA1.2.482322710.1663785804
.ccf.org/	1970-01-20 15:37:43	Name: _hp2_id.1566116007 Value: %7B%22userId%22%3A%227715769940160059%22%2C%22pageviewId%22%3A%223307760297932530%22%2C%22sessionId%22%3A%222597044550277188%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: CuZFjA41SA4
.youtube.com/	1970-01-20 10:28:57	Name: VISITOR_INFO1_LIVE Value: -Ok6_FaxWo8
.ccf.org/	1970-01-20 06:09:45	Name: _gat_classyTrack Value: 1
.ccf.org/	1970-01-20 06:09:45	Name: _gat_clientTrack Value: 1
.ccf.org/	1970-01-20 15:37:43	Name: _hp2_props.1566116007 Value: %7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A54819%2C%22payment_processor%22%3A%22Authorize.net%22%2C%22campaign%22%3A219429%2C%22campaign_type%22%3A%22donation%22%2C%22duplicate_fundraisers%22%3Afalse%2C%22existing_fundraiser%22%3Afalse%7D
.ccf.org/	1970-01-20 06:09:47	Name: _hp2_ses_props.1566116007 Value: %7B%22us%22%3A%22hs_email%22%2C%22um%22%3A%22email%22%2C%22uc%22%3A%22226799727%22%2C%22ua%22%3A%22eNews%22%2C%22ts%22%3A1663785804374%2C%22d%22%3A%22give.ccf.org%22%2C%22h%22%3A%22%2Fgive%2F219429%2F%22%2C%22q%22%3A%22%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%22%7D
.give.ccf.org/	1970-01-20 14:55:21	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fgive.ccf.org%2Fgive%2F219429%2F%3Futm_campaign%3DeNews%26utm_medium%3Demail%26_hsmi%3D226799727%26_hsenc%3Dp2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg%26utm_content%3D226799727%26utm_source%3Dhs_email%23!%2Fdonation%2Fcheckout&datestamp=Wed+Sep+21+2022+18%3A43%3A25+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true
.ccf.org/	1970-01-20 08:19:21	Name: _gcl_au Value: 1.1.1190883916.1663785805
.ccf.org/	1970-01-20 06:09:45	Name: _gat_UA-47551322-1 Value: 1
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 307e9a386b116c3f
.twitter.com/	1970-01-20 15:45:45	Name: personalization_id Value: "v1_bDhbxoSGLpQ9RJEkopBOuA=="
.t.co/	1970-01-20 15:45:45	Name: muc_ads Value: 1cf9e215-83ca-4db7-96a4-73a9dd374ead
give.ccf.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: IVjyVHX5-w2ONf9UMpmjHjyUKYeHuqV7J2t4
.ccf.org/	1970-01-20 08:19:21	Name: _fbp Value: fb.1.1663785805606.1910299923
.facebook.com/	1970-01-20 08:19:21	Name: fr Value: 0keZXSVixW7aiKp4I..BjK1tN...1.0.BjK1tN.
.linkedin.com/	1970-01-20 06:52:57	Name: UserMatchHistory Value: AQIiHmMzC1VMJwAAAYNhXKc1eMd7MOn-tt1f7hCDJmqE_4Gn8mTGgdJq1onaUavctMMqmzqTq0zEUQ
.linkedin.com/	1970-01-20 06:52:57	Name: AnalyticsSyncHistory Value: AQJ14AvrcXUS1wAAAYNhXKc1y6TEQOvUgDztg12QR63qH5H2OOnGMiOb8VqzkEq_D0FVhPswAn4wA7X5aGhEww
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:55:21	Name: bcookie Value: "v=2&b9271c88-25c8-4ecc-8161-479bdb6dde4b"
.linkedin.com/	1970-01-20 06:11:12	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2513:u=1:x=1:i=1663785805:t=1663872205:v=2:sig=AQFJaut2uSqecTiPc7dzbdhtbr7urqMz"
.google.com/	1970-01-20 10:33:17	Name: NID Value: 511=igHOhsn6caqmUv-oziNsGIo0SVejLSPSMiedS2LaLra_SwCiUm9pPx9BBjMP7GhuyLMz_IqFZ0ufADzeLciaHPip3LcmlMqvYDwhooT8kQqkR6WaIocTtwb_xPCRqegpzl3-i17i9yqd94ejBveMHPkMgGIoYxW2R7gnhZ_5zRs
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:55:21	Name: bscookie Value: "v=1&202209211843259231f163-c882-410c-8603-0fc418b96237AQEhYRE6j3k1YEVD4z4q2m31XfBofgh6"
.linkedin.com/	1970-01-20 10:28:57	Name: li_gc Value: MTswOzE2NjM3ODU4MDU7MjswMjF2OvlK0EXEqKL3aW9pvyQlZAtj/GH7K7vZIKZ5MCdn/A==
m.stripe.com/	1970-01-20 15:45:45	Name: m Value: a91278ce-1eac-46ce-853c-0a319dbdb476a01b78
.give.ccf.org/	1970-01-20 14:55:21	Name: __stripe_mid Value: 402b1546-4c40-4ad3-94cb-24836904abd2fea604
.give.ccf.org/	1970-01-20 06:09:47	Name: __stripe_sid Value: b7939b3c-285b-4f17-bb2f-aa3fd713678f816675
give.ccf.org/	1970-01-20 14:55:21	Name: acceptCookies Value: eyJpdiI6IkRzaFRocWVocXNOQjRGNmRzTDA0Q2c9PSIsInZhbHVlIjoiMEpCK0hTbkFcL1N4RVYxekJHZU1jN1E9PSIsIm1hYyI6IjUzMWZjYTY4NzVhNWVlYzRlNDliN2VjNWRmYjc3MjU2M2M5ZjEwMTllMjU4Mjg2NjU1Y2NjM2VlODIzN2VkZjIifQ%3D%3D
give.ccf.org/	1970-01-20 06:09:53	Name: XSRF-TOKEN Value: eyJpdiI6InB5b3d5MEY4bDVQSG5XYVNLNSsycEE9PSIsInZhbHVlIjoiSHQ5aTBwVkl3cFFIUnB2R0NSNHU5VWZQcER0bENSVENLQU1lR2tlaFwvMnRKVndHc3pSczdHSzlKNWVxdjJ3dlRHN0hUNWZqVHBUUW40elUrM2lrcmpRPT0iLCJtYWMiOiIwZGJhYWE1MjliZmVhMDBiYWViMjI4YmVjOTYyZWJlNzZkODI5M2ZiYmQ5MzI3ZWFiZWI1NjEzZDc3MzQ5ZDU3In0%3D
give.ccf.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6ImJKeHkrR0xkaXQ2bEQrTFh2QnQ5MkE9PSIsInZhbHVlIjoiUW8wcmNFREdMYlZtSWVITWNwWktycVlCazB4cEd2bVRTc2FPOXFzcVFHRjVUWWRYM2dVdkdyVFgzRmhEdHE1UkdvRFRXclNyUFFBa1ZndzlzNlFcL3JnPT0iLCJtYWMiOiJkM2FiNzQxOTcxY2RhODZhYzhkNGRhYWUxZTgzMjE4MmEzZTQ0MzgzM2I3MmM3YWNhNDA3ZWI5MmZhZDYwMjkwIn0%3D
.paypal.com/	1970-01-20 14:55:21	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 06:10:17	Name: LANG Value: de_DE%3BDE
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY2Mzc4NTgwODA0MSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 06:14:05	Name: tsrce Value: targetingnodeweb
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AgCFzSVMGtwyVHuMEcmmcfuByhq1yOpoK.nnFDMR6hk6OAOhB2Gpykq7Et2w9DppKx5W7xe9w15uc
.paypal.com/	1970-01-20 06:09:47	Name: l7_az Value: dcg15.slc
.paypalobjects.com/	1970-01-20 06:11:12	Name: paypal-offers--cust Value: identified:8:DFP
.paypal.com/	1970-01-20 15:45:45	Name: ts Value: vreXpYrS%3D1758480208%26vteXpYrS%3D1663787608%26vr%3D615cb16e1830a623d9515902ffffffff%26vt%3D615cb16e1830a623d9515902fffffffe
.paypal.com/	1970-01-20 15:45:45	Name: ts_c Value: vr%3D615cb16e1830a623d9515902ffffffff%26vt%3D615cb16e1830a623d9515902fffffffe

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://give.ccf.org/give/219429/?utm_campaign=eNews&utm_medium=email&_hsmi=226799727&_hsenc=p2ANqtz-8ORQ8195s5ZTqTHFGOjcCmbdTh8D4qrdeXxzN2WPmwkYqNwAm1hU-ohEY0BkYnPYboWq1lj4SsUxDUHS0R1sr6dPNqRg&utm_content=226799727&utm_source=hs_email#!/donation/checkout Message: Access to font at 'https://479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com/ProximaNova-Bold-webfont.woff' from origin 'https://give.ccf.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com/ProximaNova-Bold-webfont.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com
analytics.twitter.com
assets.classy.org
bam.nr-data.net
cdn.heapanalytics.com
cdn.plaid.com
code.jquery.com
connect.facebook.net
cxd3d04.na1.hubspotlinks.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
give.ccf.org
heapanalytics.com
htp.tokenex.com
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
js.stripe.com
m.stripe.com
m.stripe.network
notify.bugsnag.com
pay.classy.org
pay.google.com
platform.twitter.com
play.google.com
prod-frs.content.classy.org
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.stripe.com
sessions.bugsnag.com
snap.licdn.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
syndication.twitter.com
t.co
t.paypal.com
unpkg.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.paypal.com
www.paypalobjects.com
www.youtube.com
479e8b7059efef8d55a8-8c1f1d4d1f2574e4cd164a0f2a6bcea0.ssl.cf2.rackcdn.com
104.244.42.133
104.244.42.200
104.244.42.67
108.138.15.119
13.107.42.14
13.32.121.116
13.32.121.61
151.101.192.176
151.101.194.137
151.101.65.21
151.101.66.133
162.247.241.14
192.229.221.25
199.232.16.157
2001:4de0:ac18::1:a:1b
2600:1901:0:7a0b::
2600:1901:0:a5e4::
2600:9000:224a:9a00:19:7d10:bd80:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:4400::ac40:929e
2606:4700:440e::6812:2fe6
2606:4700::6810:7caf
2606:4700::6812:1f69
2606:4700::6812:7115
2606:4700::6812:843c
2620:1ec:21::14
2a00:1450:4001:808::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:828::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c08::5f
2a00:1450:400c:c08::9c
2a00:1450:400c:c0a::5c
2a00:1450:400d:80c::200e
2a02:26f0:11a::6867:4843
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
3.231.52.38
52.143.247.24
52.223.40.198
54.149.23.244
54.187.159.182
01b8dae7b9ed72d6d5d1f74f6e34f4ec98ab9aa1e8be13eb4fb97062e01b3aae
024a435dcde1fb6677eb40f9dad2563e398d1b4725d423e9970e354c5de599ef
0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1163a9ea7aa40907ea1095e84fb3e00d9a882b8289766745af9bb3a86a16d5d5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1cdb550801da5630adfdbf6ec4a4aee2fe432116e0007fadadb9b3bafd9b9256
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
2a420d3aaef8542c2952614ab83b697fcb3d1c57c7728b3565876611b5f06ef7
3049a22d4579362f2b14a5c59b2e07122f33aaffee53ee5b576bf294536e6f1d
319577b06050d8c250288b4dcb91fe507d5accf083acf33fd91ad4a97a017ac5
369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429
3737153a44af2553ac8431740f495757de80b963891092e626148b146255bbda
3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11
3db4a79a56cbaca3f123ece1b8d7bf261147bf60f11c8113dbdf9ba1377a4bc0
3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
428a29a9745759e9e8d13582ba6677b91f26256db0334ad4585fd4573e42512a
4fa35a1279e5eff82060ec2bd41b30b72d299228912d4ed64269f943fddbc0f3
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
532dd1ba7d42f8d20324e98a5b32629523b3b92cb4a135e88c3c4f7883234753
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
5469c6823b39982822ab045ac7388b68bcbce0548f799c5e5af3c8cf68196a9e
551c71f7ac1cd64bcaae0fdad7d5991e712e010f9fd2cad47af5df4c652b4bab
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56781c1f2fd72255c58e1a3fff00cdfcb074cafb70ebd40a40f1a748fd687ed1
5c0c0d8f0a179dc69eda6aac7879904c94bab835a28de393cc6f10fd34e21e2c
62c6215bea43ccf89c416af84c99ff887415f4ef79e5480a5f975d52e912f253
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
630b44e7fe943e5e28c06a45c919a46a7a7284d04e4eee93c5f60da0db05c198
64317b8b8ce3fa7e3c9d7822761387abc5b5bc062490cdc39ad7c3d81711dd88
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
655fe21a3f9b54c20dd4caf3ef8771c13c806e9c25455edb7aeb00b5db09bb5b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d27b311d907b1e5a765d922bd36404b6bf709408e7f0436bf049f89a4d1d356
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6df4899153fc2d27302e87a8b3f2166596a1c4e16f12123d6759f47958dfc483
6e02d532255755964d5ec0312b0d9a1389afb3965f9cd7850191f68e7391d85b
71a4954bfc82b7512ffe6f4c8a53e763a37157f399c94b13b2fe4bd423b5e86e
797ad32ddcf4bcc45d1dcbbdd66f5a380fcc8476eb3ea7ec64932f075a11ff43
79a0c77054699d99c988a17016c3c9a24056051574bcecde5f1f767997fe3c84
79db4d79a6e53e3aa9b5703a1156cc9accef42d4d3d31b5019d2eabf216fa751
7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56
7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493
7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849
832c54ad6c8addc256595ba560d89e22226d6d740b0d06bbaa188cceda67d5ca
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
84a1b3effb0f9966d6d7d65d3de620697d259a669b9753d569a00545f8abd8fe
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
8755ab3ff440e9c675d63c161a7fdc59680cb5b9cc95fe118130b1d33f58304b
8863ad9c5cbf8db7c1d89afaf49669fe19d1e90ec2228d0d2bdf8229cb9e00bb
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8c3392e876d4b5c778e0d0ae787502252e3353b59149063e1f6a1a85216cb9e5
8c7292850485562720d66ca342db38c7bed1ece0c7c32601c26337eab268518b
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26
923b98f388a1ed517388a42b1e51c727eb88f8aabd41146f10bbfdd150925d63
97234286f012c57406e2d041b79351996bb5972ef1e6e4a3dce1e1a0bcb1877e
987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c
99d67c7ae3ef003dadc7cbafd121fe1ef16f427f0955ec0e46a51d7da338d83e
9b35afa9d0d5a26dffebc42c98f1c170e8e75c3f9d60f7af5bc00b25c996134e
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9e6ee5d369e4fea8821fd34d180c466fbf6bb9ca6a91f1488edc024bd6a2c4bd
a460d6273594ccf19c66aa325c93a1c9df2eb805d4eb9b0a1d3583c3df4aebce
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a853ca446c11f06d516181055253b1d79b0db168f57a1ee88d093d132c1e3802
ab38289b5ddde94428c1ed6723e7c6e70ef4c8e3ed0cc89f3d979a4adc567788
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aced4f41e502cecbe2954a7b643c073d5a8070d00dd4bc17fa9d48527aa101a7
adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b003c62f1cf4122a3d475619abe0ae2d289f4ea46542e5e9a342eff7e206b12b
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc64e9a3d3a9304bb1e056b336fb74ce69c6ea34adaefda24bced6e7886053db
bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440
c21807c05b8d938ea317846276fa08f2a632893e792b4756e04d06da9cd15e51
c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4
ca523da4356f589fcbfcce65e4c943642070c8bbc6cc965450250498d6451fc8
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d951327fdfca1c53853f7e6ee7617270333d2c8b686a7e9c763cc7a122fe5772
da0cbcbf8277d69d7cf22fdd8ad6448182897b7455191b8c5870610ff33cc0d7
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1f78417c087df2d3aadc913210a981b51291c946b7edc79891a6e7e63043f1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6414c8fd07babfdae2e45946828eba26372f5583d05f14ff6a5cc9213ca34b6
ea44d33f930c6023c426e70ad66b86b9d6615d91905f1047c866b028b5568f27
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f6a0b43990d833ea5eae1cf13d058ba1d6e189d34544e27f1c49f9bfea3d920b
f86554ba5b50351575019a77a75b2646e071b7bee98b44348097fe6947cd3d1a
f97b7d947fa5ccf3bdaf6f3d1163269dbc975678f0e0e856b956c4573ea16091
fcfefb35019ae26daa49fa9e2c7ba1375a32f3d9de8c5982efced5ac78729e4d
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

give.ccf.org Open in urlscan Pro 2606:4700::6812:7115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

229 Requests

99 %HTTPS

56 %IPv6

33 Domains

48 Subdomains

43 IPs

6 Countries

4282 kBTransfer

14504 kBSize

46 Cookies

7 Outgoing links

Page URL History

Redirected requests

229 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

give.ccf.org Open in urlscan Pro
2606:4700::6812:7115 Public Scan

Screenshot
Live screenshot

Full Image

229
Requests

99 %
HTTPS

56 %
IPv6

33
Domains

48
Subdomains

43
IPs

6
Countries

4282 kB
Transfer

14504 kB
Size

46
Cookies

229 HTTP transactions
0 data transactions