toadgivesback.travelonadream.com Open in urlscan Pro
35.209.197.61 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://toadgivesback.travelonadream.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On May 26 via api (May 26th 2023, 5:57:47 pm UTC) from DE — Scanned from DE

Summary HTTP 450 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 41 IPs in 3 countries across 36 domains to perform 450 HTTP transactions. The main IP is 35.209.197.61, located in Council Bluffs, United States and belongs to GOOGLE-2, US. The main domain is toadgivesback.travelonadream.com.

This is the only time toadgivesback.travelonadream.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
59	35.209.197.61 35.209.197.61	19527 (GOOGLE-2) (GOOGLE-2)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
113	2606:4700:10:... 2606:4700:10::6816:18cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
3	2606:4700::68... 2606:4700::6812:853b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
8	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	13.224.189.74 13.224.189.74	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 23	2606:4700::68... 2606:4700::6812:6b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
31	99.86.4.99 99.86.4.99	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:826e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:65ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:88ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:75be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:d839	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.66.147.3 18.66.147.3	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	107.22.31.116 107.22.31.116	14618 (AMAZON-AES) (AMAZON-AES)
4	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.24.142.169 52.24.142.169	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:225... 2600:9000:225e:9400:0:1a32:efc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
79	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:205... 2600:9000:2057:3800:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:8e65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 8	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	54.68.59.163 54.68.59.163	16509 (AMAZON-02) (AMAZON-02)
2	18.202.131.124 18.202.131.124	16509 (AMAZON-02) (AMAZON-02)
450	41

59 35.209.197.61 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 61.197.209.35.bc.googleusercontent.com

toadgivesback.travelonadream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.toadgivesback.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

113 2606:4700:10::6816:18cd (United States)

ASN13335 (CLOUDFLARENET, US)

www.zeffy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gtm.zeffy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.zeffy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:853b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-74.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6812:6b9 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o563579.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 99.86.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:826e (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:65ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:88ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:75be (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:d839 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspotfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.147.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-3.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.22.31.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-31-116.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
feedback.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.24.142.169 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-142-169.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:9400:0:1a32:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

canny.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

79 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:3800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8e65 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:1ec:21::14 (United States) 8 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.68.59.163 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-59-163.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.131.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-131-124.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
114	stripe.com js.stripe.com — Cisco Umbrella Rank: 968 q.stripe.com — Cisco Umbrella Rank: 5765 m.stripe.com — Cisco Umbrella Rank: 935 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 4976 r.stripe.com — Cisco Umbrella Rank: 3716	1 MB
113	zeffy.com www.zeffy.com — Cisco Umbrella Rank: 526709 gtm.zeffy.com — Cisco Umbrella Rank: 934373 api.zeffy.com — Cisco Umbrella Rank: 764117	2 MB
46	toadgivesback.org www.toadgivesback.org	18 MB
28	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	791 KB
25	cloudflare.com 2 redirects cdnjs.cloudflare.com — Cisco Umbrella Rank: 199 challenges.cloudflare.com — Cisco Umbrella Rank: 6358	616 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	850 KB
13	travelonadream.com toadgivesback.travelonadream.com	211 KB
10	linkedin.com 8 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 339 www.linkedin.com — Cisco Umbrella Rank: 603 px4.ads.linkedin.com — Cisco Umbrella Rank: 6328	6 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2	56 KB
8	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	180 KB
7	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4501 app.hubspot.com — Cisco Umbrella Rank: 5082 track.hubspot.com — Cisco Umbrella Rank: 2133	6 KB
5	amplitude.com api.amplitude.com — Cisco Umbrella Rank: 1464	1 KB
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 1053	32 KB
4	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3248 feedback.hubapi.com — Cisco Umbrella Rank: 20970	2 KB
4	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2460	416 KB
4	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1933 api-iam.intercom.io — Cisco Umbrella Rank: 2135	11 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	81 KB
3	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2208	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6080	563 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	3 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 725	10 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	217 B
2	hubspotfeedback.com js.hubspotfeedback.com — Cisco Umbrella Rank: 15140	19 KB
2	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 2977	6 KB
2	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1980	41 KB
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 1986	126 KB
2	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4470	42 KB
2	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 3961	174 KB
2	sentry.io o563579.ingest.sentry.io — Cisco Umbrella Rank: 887092	368 B
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 875	14 KB
2	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 885	92 KB
2	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2715	868 B
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5335	7 KB
1	canny.io canny.io — Cisco Umbrella Rank: 21545	32 KB
0	oribi.io Failed cdn.linkedin.oribi.io Failed
450	36

	Domain	Requested by
91	www.zeffy.com	www.toadgivesback.org www.zeffy.com
67	r.stripe.com	js.stripe.com
46	www.toadgivesback.org	toadgivesback.travelonadream.com
31	js.stripe.com	www.zeffy.com js.stripe.com
28	www.googletagmanager.com	www.zeffy.com www.googletagmanager.com js.hsadspixel.net www.toadgivesback.org
23	challenges.cloudflare.com	2 redirects www.zeffy.com challenges.cloudflare.com
20	api.zeffy.com	www.zeffy.com
13	toadgivesback.travelonadream.com	toadgivesback.travelonadream.com
12	q.stripe.com	toadgivesback.travelonadream.com
8	www.google.com	www.zeffy.com www.toadgivesback.org www.gstatic.com www.google.com
8	connect.facebook.net	www.googletagmanager.com connect.facebook.net
8	fonts.gstatic.com	fonts.googleapis.com www.zeffy.com www.toadgivesback.org
6	www.gstatic.com	www.google.com
6	px.ads.linkedin.com	6 redirects
5	api.amplitude.com	www.zeffy.com
4	m.stripe.network	js.stripe.com m.stripe.network
4	api.hubspot.com	www.zeffy.com
4	js.intercomcdn.com	widget.intercom.io
4	www.google-analytics.com	www.googletagmanager.com
3	js.hs-scripts.com	www.zeffy.com www.googletagmanager.com
3	fonts.googleapis.com	toadgivesback.travelonadream.com www.toadgivesback.org
2	merchant-ui-api.stripe.com	js.stripe.com
2	m.stripe.com	m.stripe.network
2	feedback.hubapi.com	static.hsappstatic.net
2	www.google.de	www.zeffy.com www.toadgivesback.org
2	px4.ads.linkedin.com	www.zeffy.com www.toadgivesback.org
2	www.linkedin.com	2 redirects
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	app.hubspot.com	js.hubspotfeedback.com
2	snap.licdn.com	js.hsadspixel.net
2	www.facebook.com	www.zeffy.com
2	api.hubapi.com	www.zeffy.com
2	api-iam.intercom.io	js.intercomcdn.com
2	js.hubspotfeedback.com	js.hs-scripts.com
2	js.hsadspixel.net	js.hs-scripts.com
2	js.hs-analytics.net	js.hs-scripts.com
2	js.hs-banner.com	js.hs-scripts.com
2	js.usemessages.com	js.hs-scripts.com
2	js.hsleadflows.net	js.hs-scripts.com
2	o563579.ingest.sentry.io	www.zeffy.com
2	static.cloudflareinsights.com	www.zeffy.com
2	gtm.zeffy.com	www.zeffy.com
2	widget.intercom.io	www.googletagmanager.com
2	www.googleoptimize.com	www.googletagmanager.com
2	cdn.polyfill.io	www.zeffy.com
2	cdnjs.cloudflare.com	toadgivesback.travelonadream.com cdnjs.cloudflare.com
1	static.hsappstatic.net	app.hubspot.com
1	track.hubspot.com	www.toadgivesback.org
1	canny.io	www.zeffy.com
0	cdn.linkedin.oribi.io Failed	www.zeffy.com
450	50

This site contains links to these domains. Also see Links.

Domain
www.travelonadream.com
travelonadream.com
www.facebook.com
www.mcarnes.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.toadgivesback.org R3	`2023-04-19` - `2023-07-18`	3 months	crt.sh
zeffy.com GTS CA 1P5	`2023-04-30` - `2023-07-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-05` - `2023-06-03`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
ingest.sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-28`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-05-12` - `2023-08-13`	3 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
canny.io Amazon RSA 2048 M01	`2023-04-06` - `2023-10-24`	7 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-05-25` - `2023-08-23`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh

This page contains 29 frames:

Primary Page: http://toadgivesback.travelonadream.com/
Frame ID: 16BF7D5F616CB670B8CF9D27BA138C2C
Requests: 62 HTTP requests in this frame

Frame: https://www.toadgivesback.org/form.html
Frame ID: A8484AFB3409EBCD868FB9795BF2AD3B
Requests: 3 HTTP requests in this frame

Frame: https://www.toadgivesback.org/formsm.html
Frame ID: 7ACE8F6CAA3FB0263C3E2BD6F82E3A52
Requests: 2 HTTP requests in this frame

Frame: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
Frame ID: 5E6363BA42CAD0183F2B3318326F2900
Requests: 109 HTTP requests in this frame

Frame: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
Frame ID: 78022483C6B6BFFB356F00CFA1F127E4
Requests: 104 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.cabb9239.js
Frame ID: 365ADE2D9A73668968774D46B2E87792
Requests: 3 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.cabb9239.js
Frame ID: 33139E2791C705E0057C5EF5CE49BDD6
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: F171C121349D546961E2E1AAFBADA791
Requests: 4 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: 9B6E15748A55E6194F72A7407CD4CB34
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 6E628B6F239515C8C2BC99AF1836DDF4
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-7df197522808da55e5d22200d24cd9ed.html
Frame ID: 87170261410FD23C9AD095A92C5E04A2
Requests: 37 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
Frame ID: 73BC70DC6A24C11EF1F9FBAF783D06F8
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ul6kt/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Frame ID: 4E6685A2D93AF89470B0FA14FA5835BD
Requests: 4 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/yeipj/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Frame ID: 144E4B2FDCC0A410339249464EB390AF
Requests: 4 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fddib/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Frame ID: EBE5E3B224C85A854E5B01CAFC49186B
Requests: 4 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/htaqz/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Frame ID: A1813AB0CA2A8C9E15B67E2CC5797F2E
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-7df197522808da55e5d22200d24cd9ed.html
Frame ID: 2CF7DA63A45A56A30CFD8628A7FA99CB
Requests: 43 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
Frame ID: EF021C452CDD961C2205D17AB46BE62C
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
Frame ID: 206AFD268447D408290C9B2B138E0F48
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
Frame ID: E86A852130E20D76D40216930FEB6FDF
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tq1xs/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Frame ID: BC6A9805C06BDF221EA333B82BF96032
Requests: 2 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/dcekd/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Frame ID: 4FF726CC48BC81306C775EC08118CAAB
Requests: 2 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xhu12/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Frame ID: 7955420009AFCB80ABC3AAF007BD8F27
Requests: 2 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/czp0w/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Frame ID: 39948A988A26EA6681D88054143C2103
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuejsmAAAAADR3hxzFf3qF5vhfEEb0XzikZ5F3&co=aHR0cHM6Ly93d3cuemVmZnkuY29tOjQ0Mw..&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=8xrsqby3d50y
Frame ID: DD5507106AB32FDADD2C46EE0083EC00
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuejsmAAAAADR3hxzFf3qF5vhfEEb0XzikZ5F3&co=aHR0cHM6Ly93d3cuemVmZnkuY29tOjQ0Mw..&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=rvsg3fvbld8w
Frame ID: B130DC4831D70C0C84A078D87E5D9E1C
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 5AAA6DE78A216F6A239A7A14FEFD3EAB
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 08226C9C28481F8C0B451D2BB0626D7A
Requests: 4 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: 779A8275821542920DAA816C869ADDEE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ToaD Gives Back Inc

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css
<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

450
Requests

84 %
HTTPS

73 %
IPv6

36
Domains

50
Subdomains

41
IPs

3
Countries

25525 kB
Transfer

40385 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.travelonadream.com/
Title: TravelOnADream.com

Search URL Search Domain Scan URL

URL: https://travelonadream.com/cruises/toad-group-trips/
Title: Click here to visit ToaD Group Cruises hosted by Travel On A Dream!

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ToaDGivesBack

Search URL Search Domain Scan URL

URL: https://www.mcarnes.com/
Title: Organizational branding provided by MCarnes L.L.C.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 153

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js

Request Chain 164

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js

Request Chain 254

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860108&url=https%3A%2F%2Fwww.toadgivesback.org%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860108&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4140793%26time%3D1685123860108%26url%3Dhttps%253A%252F%252Fwww.toadgivesback.org%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860108&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860108&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQJZh5PXcg9XoAAAAYhZNY11HHc7gM5zeeEOcrcXFbG3UYwOrNOnCbSUQXALciVKbYJhHhozHBcpqw

Request Chain 256

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860113&url=https%3A%2F%2Fwww.toadgivesback.org%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860113&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4140793%26time%3D1685123860113%26url%3Dhttps%253A%252F%252Fwww.toadgivesback.org%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860113&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860113&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQL9pzLzjyG5-wAAAYhZNY17yZDCe06ENRPpzVDzEy70ZsuooHRdy3zdqOlaSaTCHhpwanlNYB8XMg

450 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
toadgivesback.travelonadream.com/ 49 KB
14 KB 633ms
137ms Document
text/html 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dd6cc76beb0e7edb20e62f556d3e8e65831249f047508ec8d6f7782a19238f16

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 26 May 2023 17:57:36 GMT
ETag: W/"c3d9-5f7da97b96b15"
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Last-Modified: Mon, 27 Mar 2023 04:58:23 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Httpd: 1
X-Proxy-Cache: HIT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 72ms
26ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1550151
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S53Ostm2zGvhZmKWH6tFSI9OtPsBa4TdBxf4nMT3Y8LW9D9yEZztsOTUJVdgeKcHOoDWUbtMNVtS0RNVkYVhMvXqv1zIVip4wCpaoyQ2ChPvuOtcQjRybadfB8pIloephjwGIUZ0Esswuxn43ojLyJeY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cd7e6c78e8939da-FRA
expires: Wed, 15 May 2024 17:57:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 78ms
29ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;500&display=swap

Requested by

Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2350add23b4c7a29e50ed33c3a4ec8af8fff2cc389981510d5e60e552e4944bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 17:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 16:57:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 17:57:36 GMT

GET
H/1.1 404
Not Found fcf.default.css
toadgivesback.travelonadream.com/fcf-assets/css/ 0
0 314ms
189ms Stylesheet
text/html 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://toadgivesback.travelonadream.com/fcf-assets/css/fcf.default.css
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:36 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
X-Httpd: 1
X-Proxy-Cache-Info: 0 NC:000000 UP:
Connection: keep-alive
Host-Header: 6b7412fb82ca5edfd0917e3957f05d89
X-Proxy-Cache: MISS

GET
H/1.1 200
OK foundation.css
toadgivesback.travelonadream.com/css/ 73 KB
19 KB 263ms
133ms Stylesheet
text/css 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://toadgivesback.travelonadream.com/css/foundation.css
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 55889cb209e2528721a6a765951c90d7986ef388c47039eb8f9ba3b2232c5b6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Mar 2023 15:40:32 GMT
Server: nginx
ETag: W/"641dc470-12595"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Proxy-Cache-Info: DT:1
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Sat, 25 May 2024 17:57:36 GMT

GET
H/1.1 200
OK modernizr.js Show response
toadgivesback.travelonadream.com/js/vendor/ 11 KB
5 KB 270ms
138ms Script
application/javascript 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://toadgivesback.travelonadream.com/js/vendor/modernizr.js
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9f5f59afb91c49cbd3505796aed5b94bc14be875d121b92bfa5eb7635ade8e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Mar 2023 15:41:32 GMT
Server: nginx
ETag: W/"641dc4ac-2bf4"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Proxy-Cache-Info: DT:1
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Sat, 25 May 2024 17:57:36 GMT

GET
H/1.1 200
OK jquery-1.2.2.pack.js Show response
toadgivesback.travelonadream.com/facefiles/ 29 KB
16 KB 269ms
137ms Script
application/javascript 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://toadgivesback.travelonadream.com/facefiles/jquery-1.2.2.pack.js
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9db225c50bd535f0e170ca98c93e353d65db90887504f26b58b673ac01c2088d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Mar 2023 15:40:32 GMT
Server: nginx
ETag: W/"641dc470-7286"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Proxy-Cache-Info: DT:1
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Sat, 25 May 2024 17:57:36 GMT

GET
H/1.1 200
OK facebox.css
toadgivesback.travelonadream.com/facefiles/ 1 KB
939 B 265ms
134ms Stylesheet
text/css 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://toadgivesback.travelonadream.com/facefiles/facebox.css
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c4c7acaaeaa26ccfd9f798f74dbdbe2866532fb431d5ae6834673f3515aa1132

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:36 GMT
Content-Encoding: gzip
Last-Modified: Sat, 25 Mar 2023 03:58:04 GMT
Server: nginx
ETag: W/"641e714c-51e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Proxy-Cache-Info: DT:1
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Sat, 25 May 2024 17:57:36 GMT

GET
H/1.1 200
OK facebox.js Show response
toadgivesback.travelonadream.com/facefiles/ 6 KB
3 KB 273ms
141ms Script
application/javascript 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://toadgivesback.travelonadream.com/facefiles/facebox.js
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5b46a43adef550ea4b5af6f548cb5fd82e2fb5a6419ed1b0b472caf73890677c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Mar 2023 15:40:32 GMT
Server: nginx
ETag: W/"641dc470-1803"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Proxy-Cache-Info: DT:1
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Sat, 25 May 2024 17:57:36 GMT

GET
H/1.1 200
OK mcmulti.png
www.toadgivesback.org/images/ 208 KB
209 KB 444ms
133ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/mcmulti.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 05625e335abd08a4ccb4656670dce32bab639e74afec18d7dec206607439e54a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:37 GMT
Last-Modified: Fri, 24 Mar 2023 15:40:37 GMT
Server: nginx
ETag: "641dc475-3419c"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 213404
Expires: Sat, 25 May 2024 17:57:37 GMT

GET
H/1.1 200
OK 23.png
www.toadgivesback.org/images/news/ 511 KB
512 KB 445ms
133ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/23.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c75ca2c25e69eab417e7f02da4ffaa1be58d03819c2b62ae15c93ee5d56e9d58

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:37 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:18 GMT
Server: nginx
ETag: "641dc49e-7fdd9"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 523737
Expires: Sat, 25 May 2024 17:57:37 GMT

GET
H/1.1 200
OK more.png
www.toadgivesback.org/images/ 78 KB
78 KB 447ms
134ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/more.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f46d71343a1274012614131a5bc57b7c7c5cc1147f1e113009214222c55fbe45

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:37 GMT
Last-Modified: Fri, 24 Mar 2023 15:40:39 GMT
Server: nginx
ETag: "641dc477-1368b"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 79499
Expires: Sat, 25 May 2024 17:57:37 GMT

GET
H/1.1 200
OK 232.png
www.toadgivesback.org/images/news/ 767 KB
767 KB 449ms
135ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/232.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 15c65364c359ba7069b40108fc19d7ea0b1bfbe43e0ef8e318a5f8c89964f362

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:37 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:20 GMT
Server: nginx
ETag: "641dc4a0-bfba1"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 785313
Expires: Sat, 25 May 2024 17:57:37 GMT

GET
H/1.1 200
OK wcc.png
www.toadgivesback.org/images/news/ 557 KB
558 KB 450ms
136ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/wcc.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7fef5da82a0c6d01bd03b50605323fa4b9e3d2677bbb3cfe219f5e6d41b7e29e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:37 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:21 GMT
Server: nginx
ETag: "641dc4a1-8b4b0"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 570544
Expires: Sat, 25 May 2024 17:57:37 GMT

GET
H/1.1 200
OK more2.png
www.toadgivesback.org/images/ 78 KB
79 KB 466ms
144ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/more2.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 52459a6b0653ab913cda2fac820e7f486c4479742ddd44f62adcd5f9142f201e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:37 GMT
Last-Modified: Fri, 24 Mar 2023 15:40:33 GMT
Server: nginx
ETag: "641dc471-139b8"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 80312
Expires: Sat, 25 May 2024 17:57:37 GMT

GET
H/1.1 200
OK wcc2.png
www.toadgivesback.org/images/news/ 566 KB
566 KB 137ms
137ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/wcc2.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 34b8fa3e9c1d55b37ec0781912d72c101a9f60060e004c39af67ff1b3b237c22

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:37 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:16 GMT
Server: nginx
ETag: "641dc49c-8d7b7"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 579511
Expires: Sat, 25 May 2024 17:57:37 GMT

GET
H/1.1 200
OK cim.png
www.toadgivesback.org/images/news/ 423 KB
423 KB 144ms
144ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/cim.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e944bf269bf7b8d011ebc6ba0d5c1af40a6f5c5613758c05ba752f2c64fcf642

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:37 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:21 GMT
Server: nginx
ETag: "641dc4a1-69b80"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 433024
Expires: Sat, 25 May 2024 17:57:37 GMT

GET
H/1.1 200
OK cim2.png
www.toadgivesback.org/images/news/ 729 KB
730 KB 132ms
132ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/cim2.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d6a664910b67e163066d3c17c5c7917c9ea69a4ed9ed546abdc7d2e39fa4259e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:37 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:16 GMT
Server: nginx
ETag: "641dc49c-b6508"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 746760
Expires: Sat, 25 May 2024 17:57:37 GMT

GET
H/1.1 200
OK aslc.png
www.toadgivesback.org/images/news/ 517 KB
517 KB 137ms
137ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/aslc.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cfc7e56f36db32b12566a7e41e5bb4af76b8e071097c2095b0c4d0cf94ce7f16

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:38 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:22 GMT
Server: nginx
ETag: "641dc4a2-81281"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 529025
Expires: Sat, 25 May 2024 17:57:38 GMT

GET
H/1.1 200
OK aslc2.png
www.toadgivesback.org/images/news/ 760 KB
760 KB 149ms
149ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/aslc2.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 869c4248ee8b7e0f586dcb1da68e75f3bb25bd8cae19438ff85bcdca1de1dec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:38 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:18 GMT
Server: nginx
ETag: "641dc49e-bde20"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 777760
Expires: Sat, 25 May 2024 17:57:38 GMT

GET
H/1.1 200
OK awcc.png
www.toadgivesback.org/images/news/ 588 KB
589 KB 141ms
138ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/awcc.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: accedf8e189cdd5c09fdbcda2174b28eaaa6bf7853005cf37e0c8582271cc4ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:38 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:10 GMT
Server: nginx
ETag: "641dc496-930f0"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 602352
Expires: Sat, 25 May 2024 17:57:38 GMT

GET
H/1.1 200
OK awcc2.png
www.toadgivesback.org/images/news/ 870 KB
871 KB 145ms
145ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/awcc2.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 60321818f28fb314f14109e1a352f6c61fcadcedaae690ccc0d246cadccc7040

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:38 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:15 GMT
Server: nginx
ETag: "641dc49b-d98f2"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 891122
Expires: Sat, 25 May 2024 17:57:38 GMT

GET
H/1.1 200
OK arc.png
www.toadgivesback.org/images/news/ 424 KB
424 KB 134ms
134ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/arc.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 73805cbd5d4a1ec292c6e5befc1d5cc54960c111a623f549eb8add2f5c4478cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:38 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:19 GMT
Server: nginx
ETag: "641dc49f-69eed"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 433901
Expires: Sat, 25 May 2024 17:57:38 GMT

GET
H/1.1 200
OK arc2.png
www.toadgivesback.org/images/news/ 590 KB
591 KB 134ms
134ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/arc2.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 88e6df294d2d2467b7deb6dfc5289cbfbc7aee71de015168b406008bc54b614b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:38 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:15 GMT
Server: nginx
ETag: "641dc49b-939d1"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 604625
Expires: Sat, 25 May 2024 17:57:38 GMT

GET
H/1.1 200
OK svi.png
www.toadgivesback.org/images/news/ 435 KB
435 KB 134ms
133ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/svi.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c1fca5fcc5458e2f485a9ff87d94d943e43b5998263bbeb123ac38c2e8d2fdd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:38 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:09 GMT
Server: nginx
ETag: "641dc495-6caec"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 445164
Expires: Sat, 25 May 2024 17:57:38 GMT

GET
H/1.1 200
OK svi2.png
www.toadgivesback.org/images/news/ 615 KB
615 KB 135ms
135ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/svi2.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e922201b5fd5f85d1dff2d68cb5a22e654de317b1a9377ab0fa95ebb8c9700b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:38 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:12 GMT
Server: nginx
ETag: "641dc498-99c5e"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 629854
Expires: Sat, 25 May 2024 17:57:38 GMT

GET
H/1.1 200
OK emc.png
www.toadgivesback.org/images/news/ 443 KB
443 KB 137ms
136ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/emc.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 250285ca5ee77ac87e9bcf7801ef8b09dcac619f0055689cc9759572a766734b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:38 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:17 GMT
Server: nginx
ETag: "641dc49d-6ec0b"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 453643
Expires: Sat, 25 May 2024 17:57:38 GMT

GET
H/1.1 200
OK emc2.png
www.toadgivesback.org/images/news/ 745 KB
745 KB 137ms
137ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/news/emc2.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 37509c3eda0c6c078ba1895c22d74de290195424f6a71e04a62197f7370b9bfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:38 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:11 GMT
Server: nginx
ETag: "641dc497-ba2b6"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 762550
Expires: Sat, 25 May 2024 17:57:38 GMT

GET
H/1.1 200
OK 1.jpg
www.toadgivesback.org/images/staff/ 261 KB
261 KB 137ms
135ms Image
image/jpeg 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/1.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0b32560cca87efe8ebc45d321ffaf32b266d22f540b1d686bb574dde3024776e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:39 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:31 GMT
Server: nginx
ETag: "641dc4ab-4120b"
X-Proxy-Cache-Info: DT:1
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 266763
Expires: Sat, 25 May 2024 17:57:39 GMT

GET
H/1.1 200
OK pad.png
www.toadgivesback.org/images/ 81 KB
82 KB 133ms
133ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/pad.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 14c4b81404a1b2258e9b51a4bdcfb30e439586fafb14655ee4634b043446ba8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:39 GMT
Last-Modified: Fri, 24 Mar 2023 15:40:36 GMT
Server: nginx
ETag: "641dc474-14510"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 83216
Expires: Sat, 25 May 2024 17:57:39 GMT

GET
H/1.1 200
OK 1b.jpg
www.toadgivesback.org/images/staff/ 341 KB
342 KB 136ms
136ms Image
image/jpeg 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/1b.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f1894eb6a1888da1ea36bf6c34e61186ff85cd2f3350c567561a1ab280ae942a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:39 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:24 GMT
Server: nginx
ETag: "641dc4a4-555cc"
X-Proxy-Cache-Info: DT:1
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 349644
Expires: Sat, 25 May 2024 17:57:39 GMT

GET
H/1.1 200
OK 3.jpg
www.toadgivesback.org/images/staff/ 200 KB
200 KB 135ms
135ms Image
image/jpeg 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/3.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9dd26115c4b337f7b4b46b7d349c019959ba3d1b62baa8975b1bf626060ef75d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:39 GMT
Last-Modified: Sat, 25 Mar 2023 03:19:39 GMT
Server: nginx
ETag: "641e684b-3202b"
X-Proxy-Cache-Info: DT:1
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 204843
Expires: Sat, 25 May 2024 17:57:39 GMT

GET
H/1.1 200
OK pad3.png
www.toadgivesback.org/images/ 117 KB
118 KB 138ms
137ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/pad3.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2028c460e583dc45642c859d964307619844eb244ed26aa45b0646e414fe4fd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:39 GMT
Last-Modified: Fri, 24 Mar 2023 15:40:34 GMT
Server: nginx
ETag: "641dc472-1d4d9"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 120025
Expires: Sat, 25 May 2024 17:57:39 GMT

GET
H/1.1 200
OK 3b.jpg
www.toadgivesback.org/images/staff/ 249 KB
250 KB 135ms
134ms Image
image/jpeg 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/3b.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f9716b26933c14d1ec471f31afd212af235ca7a62668b1c5509440de6ae99a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:39 GMT
Last-Modified: Sat, 25 Mar 2023 03:19:39 GMT
Server: nginx
ETag: "641e684b-3e5db"
X-Proxy-Cache-Info: DT:1
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 255451
Expires: Sat, 25 May 2024 17:57:39 GMT

GET
H/1.1 200
OK 4.jpg
www.toadgivesback.org/images/staff/ 156 KB
156 KB 134ms
133ms Image
image/jpeg 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/4.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dc52657c66bba49f9185b978b9c1dc4550304a0115c7aa6cc8dc2d2d4151fd62

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:39 GMT
Last-Modified: Sat, 25 Mar 2023 18:10:13 GMT
Server: nginx
ETag: "641f3905-26ef4"
X-Proxy-Cache-Info: DT:1
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 159476
Expires: Sat, 25 May 2024 17:57:39 GMT

GET
H/1.1 200
OK pad2.png
www.toadgivesback.org/images/ 114 KB
114 KB 138ms
138ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/pad2.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 29d917b757c2cb0bcc6f85719a8eb49241a6942e276d9d68e1336e233dfe4aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:39 GMT
Last-Modified: Fri, 24 Mar 2023 15:40:34 GMT
Server: nginx
ETag: "641dc472-1c68b"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 116363
Expires: Sat, 25 May 2024 17:57:39 GMT

GET
H/1.1 200
OK 4b.jpg
www.toadgivesback.org/images/staff/ 206 KB
206 KB 133ms
133ms Image
image/jpeg 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/4b.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a45fc65f6626c77ae21440b89c3d45a586fd0bc741861af4a03f66a36b425a63

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:39 GMT
Last-Modified: Sat, 25 Mar 2023 18:10:13 GMT
Server: nginx
ETag: "641f3905-33620"
X-Proxy-Cache-Info: DT:1
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 210464
Expires: Sat, 25 May 2024 17:57:39 GMT

GET
H/1.1 200
OK ea.png
www.toadgivesback.org/images/staff/ 419 KB
420 KB 137ms
137ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/ea.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a1c0e7d03b65f7ada61acbf303b34b485cd5ebc84d09b39bb9a05c6d589a4cbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:39 GMT
Last-Modified: Sat, 25 Mar 2023 18:15:32 GMT
Server: nginx
ETag: "641f3a44-68d4b"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 429387
Expires: Sat, 25 May 2024 17:57:39 GMT

GET
H/1.1 200
OK elaine2.png
www.toadgivesback.org/images/staff/ 595 KB
596 KB 138ms
138ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/elaine2.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5515898f8617b16447aa262bdaacd88defa8485db770261b4545a3a4567942c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:39 GMT
Last-Modified: Sat, 25 Mar 2023 18:15:32 GMT
Server: nginx
ETag: "641f3a44-94cb3"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 609459
Expires: Sat, 25 May 2024 17:57:39 GMT

GET
H/1.1 200
OK dan.png
www.toadgivesback.org/images/staff/ 346 KB
347 KB 134ms
134ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/dan.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ad715d7a8a7221eee7355315bf2d77c39ecfd598f7c44de8939dc65490037b49

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:39 GMT
Last-Modified: Sat, 25 Mar 2023 17:19:05 GMT
Server: nginx
ETag: "641f2d09-569ab"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 354731
Expires: Sat, 25 May 2024 17:57:39 GMT

GET
H/1.1 200
OK dan2.png
www.toadgivesback.org/images/staff/ 471 KB
471 KB 139ms
139ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/dan2.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b8bdda07b5474343260e4b41f642356c3bac7faaf24e9161ce42f3f097455d4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:39 GMT
Last-Modified: Sat, 25 Mar 2023 17:18:08 GMT
Server: nginx
ETag: "641f2cd0-75c02"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 482306
Expires: Sat, 25 May 2024 17:57:39 GMT

GET
H/1.1 200
OK jeff.png
www.toadgivesback.org/images/staff/ 435 KB
435 KB 135ms
135ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/jeff.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f686c0ffc4eabec34e038d5a871a23f9d8a0fa3a89c3a44cb95b73a1ae706cd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:39 GMT
Last-Modified: Sat, 25 Mar 2023 18:01:06 GMT
Server: nginx
ETag: "641f36e2-6cb2d"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 445229
Expires: Sat, 25 May 2024 17:57:39 GMT

GET
H/1.1 200
OK jeff2.png
www.toadgivesback.org/images/staff/ 611 KB
611 KB 136ms
136ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/jeff2.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 34210726dd6d2a3d1c9821e890065c8bec8ee2172913f36a13093bd5295a4922

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:40 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:26 GMT
Server: nginx
ETag: "641dc4a6-98b80"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 625536
Expires: Sat, 25 May 2024 17:57:40 GMT

GET
H/1.1 200
OK m.jpg
www.toadgivesback.org/images/staff/ 165 KB
165 KB 137ms
136ms Image
image/jpeg 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/m.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 78a6da53d3fee6097a33cfc70288d1f3237f5d1d2901b3f2ced6fc2104b54476

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:40 GMT
Last-Modified: Sat, 25 Mar 2023 04:08:11 GMT
Server: nginx
ETag: "641e73ab-29391"
X-Proxy-Cache-Info: DT:1
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 168849
Expires: Sat, 25 May 2024 17:57:40 GMT

GET
H/1.1 200
OK mb.jpg
www.toadgivesback.org/images/staff/ 184 KB
185 KB 137ms
135ms Image
image/jpeg 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/mb.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: abb9ff7e30ada607c32d907967e0de97ee95883dab941a811cfca4d36dce7ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:40 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:23 GMT
Server: nginx
ETag: "641dc4a3-2e16a"
X-Proxy-Cache-Info: DT:1
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 188778
Expires: Sat, 25 May 2024 17:57:40 GMT

GET
H/1.1 200
OK tonya2.jpg
www.toadgivesback.org/images/staff/ 105 KB
105 KB 149ms
149ms Image
image/jpeg 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/tonya2.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b1bd9caf14a2bdc0d40dcd5712fe1e6c5256a88a3a2178b09eaf098c1ab26d61

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:40 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:24 GMT
Server: nginx
ETag: "641dc4a4-1a32f"
X-Proxy-Cache-Info: DT:1
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 107311
Expires: Sat, 25 May 2024 17:57:40 GMT

GET
H/1.1 200
OK tonya.jpg
www.toadgivesback.org/images/staff/ 154 KB
155 KB 144ms
144ms Image
image/jpeg 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/tonya.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dcbc2524bcb15a49033c34984bab661375ed09f1f7d24ec4d8d28c9cebcbdc0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:40 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:22 GMT
Server: nginx
ETag: "641dc4a2-268e5"
X-Proxy-Cache-Info: DT:1
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 157925
Expires: Sat, 25 May 2024 17:57:40 GMT

GET
H/1.1 200
OK 9.jpg
www.toadgivesback.org/images/staff/ 86 KB
86 KB 134ms
134ms Image
image/jpeg 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/9.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e9f902321d42242e7879e420fe750a362106a924e6ae4753334284d233267095

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:40 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:23 GMT
Server: nginx
ETag: "641dc4a3-15695"
X-Proxy-Cache-Info: DT:1
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 87701
Expires: Sat, 25 May 2024 17:57:40 GMT

GET
H/1.1 200
OK 9b.jpg
www.toadgivesback.org/images/staff/ 235 KB
235 KB 136ms
136ms Image
image/jpeg 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/staff/9b.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c0d81a1f121b9cd6d731dd73252a5580bf4f42e541d3b4eb13a93c86fe9c0218

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:40 GMT
Last-Modified: Fri, 24 Mar 2023 15:41:28 GMT
Server: nginx
ETag: "641dc4a8-3aa3e"
X-Proxy-Cache-Info: DT:1
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 240190
Expires: Sat, 25 May 2024 17:57:40 GMT

GET
H/1.1 200
OK jquery.js Show response
toadgivesback.travelonadream.com/js/vendor/ 83 KB
34 KB 136ms
135ms Script
application/javascript 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://toadgivesback.travelonadream.com/js/vendor/jquery.js
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f954b593b86bee3f385eae6cca41e6850ef74815d4dc02d192b5aeeb8cb10489

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Mar 2023 15:41:32 GMT
Server: nginx
ETag: W/"641dc4ac-14a6b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Proxy-Cache-Info: DT:1
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Sat, 25 May 2024 17:57:36 GMT

GET
H/1.1 200
OK foundation.min.js Show response
toadgivesback.travelonadream.com/js/ 7 KB
3 KB 137ms
136ms Script
application/javascript 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://toadgivesback.travelonadream.com/js/foundation.min.js
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5588c8382ecf336767caaf015b4efd35fb4a95db9d5cb7fb62620e4ef8b0c4cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Mar 2023 15:40:41 GMT
Server: nginx
ETag: W/"641dc479-1a97"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Proxy-Cache-Info: DT:1
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Sat, 25 May 2024 17:57:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 68ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://toadgivesback.travelonadream.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 527563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 15:24:53 GMT

GET
H2 200 form.html Show response
www.toadgivesback.org/ Frame A848 3 KB
1 KB 694ms
133ms Document
text/html 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://www.toadgivesback.org/form.html
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b89a8171cc7fe65ff441678fcb193838d7cbb65e308828101286d747f7372017

Request headers

Referer: http://toadgivesback.travelonadream.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=15552000
content-encoding: br
content-type: text/html
date: Fri, 26 May 2023 17:57:37 GMT
etag: W/"6421aea0-dea"
expires: Wed, 22 Nov 2023 17:57:37 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Mon, 27 Mar 2023 14:56:32 GMT
server: nginx
vary: Accept-Encoding
x-proxy-cache-info: DT:1

GET
H2 200 formsm.html Show response
www.toadgivesback.org/ Frame 7ACE 3 KB
1 KB 698ms
138ms Document
text/html 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://www.toadgivesback.org/formsm.html
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ae046f1592296a6a3c293c1f4fdc6606b08922530de76f79c9ae892c38335ec2

Request headers

Referer: http://toadgivesback.travelonadream.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=15552000
content-encoding: br
content-type: text/html
date: Fri, 26 May 2023 17:57:37 GMT
etag: W/"6421ad98-d90"
expires: Wed, 22 Nov 2023 17:57:37 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Mon, 27 Mar 2023 14:52:08 GMT
server: nginx
vary: Accept-Encoding
x-proxy-cache-info: DT:1

GET
DATA 200
OK truncated
/ 17 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a3735c8a9808134ea452c8f9cafb02d9ed5a4eba03ec292c397a6e6839395be

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 404
Not Found .jpg
toadgivesback.travelonadream.com/img/ 9 KB
9 KB 138ms
138ms Image
text/html 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://toadgivesback.travelonadream.com/img/.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/css/foundation.css
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 412fb4c03dc82c2545707d5b6ebf648bb16de5422fd298895c8a4320ebbe1f13

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/css/foundation.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:37 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
X-Httpd: 1
X-Proxy-Cache-Info: 0 NC:000000 UP:
Connection: keep-alive
Host-Header: 6b7412fb82ca5edfd0917e3957f05d89
X-Proxy-Cache: MISS

GET
H/1.1 200
OK b.jpg
www.toadgivesback.org/images/ 1 MB
1 MB 144ms
144ms Image
image/jpeg 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/b.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/css/foundation.css
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fa3906e491d583007242182788dc9f878a4f545cbed228d324039124c9673884

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:40 GMT
Last-Modified: Sat, 25 Mar 2023 18:29:26 GMT
Server: nginx
ETag: "641f3d86-135e9a"
X-Proxy-Cache-Info: DT:1
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 1269402
Expires: Sat, 25 May 2024 17:57:40 GMT

GET
H/1.1 200
OK shirt.png
www.toadgivesback.org/images/ 449 KB
449 KB 135ms
135ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/shirt.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/css/foundation.css
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bebbc30e6def584290a889f8aecf3a355295c706689ec8312c7edfc370da0f1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:40 GMT
Last-Modified: Fri, 24 Mar 2023 15:40:36 GMT
Server: nginx
ETag: "641dc474-703f3"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 459763
Expires: Sat, 25 May 2024 17:57:40 GMT

GET
H/1.1 200
OK a.png
www.toadgivesback.org/images/ 1 MB
1 MB 136ms
136ms Image
image/png 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/a.png
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/css/foundation.css
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 498be4fea552d7d03094cc5a22616cb5379233ad2df414c75a31892be02926aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:41 GMT
Last-Modified: Fri, 24 Mar 2023 15:40:40 GMT
Server: nginx
ETag: "641dc478-176fc7"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
Content-Length: 1535943
Expires: Sat, 25 May 2024 17:57:41 GMT

GET
H/1.1 404
Not Found top.jpg
toadgivesback.travelonadream.com/img/ 55 KB
55 KB 142ms
142ms Image
text/html 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://toadgivesback.travelonadream.com/img/top.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/css/foundation.css
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4083c5d237e05aa2f7c5bbcac948f430bc37dd2466a071e00cc91aef4a789eac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/css/foundation.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:37 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
X-Httpd: 1
X-Proxy-Cache-Info: 0 NC:000000 UP:
Connection: keep-alive
Host-Header: 6b7412fb82ca5edfd0917e3957f05d89
X-Proxy-Cache: MISS

GET
H/1.1 200
OK toad.otf
toadgivesback.travelonadream.com/ 63 KB
44 KB 137ms
136ms Font
font/opentype 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: http://toadgivesback.travelonadream.com/toad.otf
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d91df04f8981b608aab63a3ed5e8f022b86fe704f9562ffce1fb5a49f8cd47cd

Request headers

Referer: http://toadgivesback.travelonadream.com/
Origin: http://toadgivesback.travelonadream.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Mar 2023 15:40:31 GMT
Server: nginx
ETag: W/"641dc46f-fa94"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: font/opentype
X-Proxy-Cache-Info: DT:1
Cache-Control: max-age=31536000
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Sat, 25 May 2024 17:57:37 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 54ms
29ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://toadgivesback.travelonadream.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:36 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1541727
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCcGx2ViwkZeTBnfMGPk2RUJuw4VCQewf6wCjSdpfEUhR6pw%2F3UXX%2BsprevhgfI8NbkKG5cZSwOnk9NH9FVaKvDu6j%2BL8CgNQ34Vw5cynCwB8o1lMgK6R4T%2FzGBE7ufZMIdiWgzamOVaot2vQXDP8AqC"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cd7e6ca1ae53aa3-FRA
expires: Wed, 15 May 2024 17:57:36 GMT

GET
H/1.1 404
Not Found x.jpg
www.toadgivesback.org/images/ 0
0 138ms
137ms Image
text/html 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.toadgivesback.org/images/x.jpg
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H/1.1 404
Not Found loading.gif
toadgivesback.travelonadream.com/facefiles/ 8 KB
8 KB 139ms
139ms Image
text/html 35.209.197.61
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://toadgivesback.travelonadream.com/facefiles/loading.gif
Requested by: Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/
Protocol: HTTP/1.1
Server: 35.209.197.61 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 61.197.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9321ba56a2159ff8c9a0ede6e681785029ff445e9a0966da8d61d2246288cc83

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://toadgivesback.travelonadream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 17:57:37 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
X-Httpd: 1
X-Proxy-Cache-Info: 0 NC:000000 UP:
Connection: keep-alive
Host-Header: 6b7412fb82ca5edfd0917e3957f05d89
X-Proxy-Cache: MISS

GET
H2 200 css2
fonts.googleapis.com/ Frame A848 7 KB
793 B 35ms
33ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;500&display=swap

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2350add23b4c7a29e50ed33c3a4ec8af8fff2cc389981510d5e60e552e4944bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.toadgivesback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 17:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 16:07:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 17:57:37 GMT

GET
H2 200 16921496-e043-4a10-a34a-4c36c3a4d019 Show response
www.zeffy.com/en-US/embed/donation-form/ Frame 5E63 212 KB
48 KB 516ms
430ms Document
text/html 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

824e950950ebea71aad0c63db0e78f27b4615962fc62c7e34121fae8ee0ecf25

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.toadgivesback.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: s-maxage=1, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6cede992bda-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 17:57:38 GMT
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: ALLOWALL
x-nextjs-cache: STALE
x-powered-by: Next.js
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ Frame 7ACE 7 KB
817 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;500&display=swap

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/formsm.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2350add23b4c7a29e50ed33c3a4ec8af8fff2cc389981510d5e60e552e4944bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.toadgivesback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 May 2023 17:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 May 2023 16:39:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 May 2023 17:57:37 GMT

GET
H2 200 16921496-e043-4a10-a34a-4c36c3a4d019 Show response
www.zeffy.com/en-US/embed/donation-form/ Frame 7802 212 KB
49 KB 513ms
429ms Document
text/html 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/formsm.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

c15a9eaad854948a3c646dd6aa80c745e50281e04b0e7d44645c2ddd37c00380

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.toadgivesback.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: s-maxage=1, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6cede9c2bda-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 17:57:38 GMT
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: ALLOWALL
x-nextjs-cache: STALE
x-powered-by: Next.js
x-xss-protection: 1; mode=block

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A848 16 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.toadgivesback.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 21:03:36 GMT
x-content-type-options: nosniff
age: 507241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 21:03:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 5E63 288 KB
86 KB 93ms
44ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29448ab40871629a247547503cc881a533183e2014a01ad20bbe638bd2fca94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87704
x-xss-protection: 0
last-modified: Fri, 26 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 17:57:38 GMT

GET
H2 200 15e10f8f93c55b3b.css
www.zeffy.com/_next/static/css/ Frame 5E63 5 KB
1 KB 34ms
33ms Stylesheet
text/css 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/css/15e10f8f93c55b3b.css

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a54eed044ea0a420ae8958939ca98b99499a3c8b7d5907a8c783ddd1c4f4af43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 883286
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 16 May 2023 09:42:48 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d19a4b2bda-FRA

GET
H2 200 817ceb2512c424ae.css
www.zeffy.com/_next/static/css/ Frame 5E63 87 KB
47 KB 36ms
34ms Stylesheet
text/css 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/css/817ceb2512c424ae.css

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ba025fe507427992b581796332e1d9becef3d74770c172baa03a69c119bd3ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 4951128
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 09:54:12 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d19a4c2bda-FRA

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ Frame 5E63 100 B
191 B 89ms
26ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.fr,Intl.~locale.en

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:57:38 GMT
age: 927214
detected-user-agent: Chrome/113.0.0
useragent_normaliser: chrome/113.0.0
server-timing: HIT-WAIT, fastly;desc="Edge time";dur=2
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 May 2023 00:17:37 GMT
fastly_service_version: 195
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/113.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 2614165.js Show response
js.hs-scripts.com/ Frame 5E63 3 KB
830 B 454ms
384ms Script
application/javascript 2606:4700::6812:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2614165.js
Requested by: Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92da91c1f5f4c858a7ed846b190fbf58f768816a4e7d0de923c567e30d7127ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-hubspot-correlation-id: ba8ec6b6-86be-4311-8aef-55054570c7b3
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 96be92af-9867-41dd-a74b-7d0053dd30f4
last-modified: Fri, 26 May 2023 17:04:52 GMT
server: cloudflare
x-trace: 2B4625CF73513BEF8DE355DC31025E7F656B2D7AB5000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.zeffy.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-r8kfs
cf-ray: 7cd7e6d20d7f9b58-FRA
expires: Fri, 26 May 2023 17:58:38 GMT

GET
H2 200 webpack-adc38da9f187b2d7.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 7 KB
3 KB 66ms
49ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/webpack-adc38da9f187b2d7.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8a6d7e23d1e78a60dc8e163ea622481887cb30b91a6db8112dfaaf6b8853618a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 26858
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:44:04 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba6b2bda-FRA

GET
H2 200 framework-f71663e0aec1c55a.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 206 KB
58 KB 65ms
48ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/framework-f71663e0aec1c55a.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b6228dd941ebabcc25da241f84f710346eaf65cbe3eb836fe1026312515629ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: c4fb357e-f0c3-4581-b2eb-53fbd365c86c
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba6c2bda-FRA

GET
H2 200 main-a68cfb1513b9f2a4.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 230 KB
74 KB 86ms
69ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/main-a68cfb1513b9f2a4.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4937acc11d18ff59f464a7613ee414c01a63299b6ad0aa14ca356c81914aa7e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 73489
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 25 May 2023 12:19:41 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba6f2bda-FRA

GET
H2 200 _app-6fbacfe579fa448e.js Show response
www.zeffy.com/_next/static/chunks/pages/ Frame 5E63 1 MB
321 KB 91ms
74ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1fd27aee94584421f3ac89f53a06704e4f1d6d2d19f625b19cdbfb480954c4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 26174
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:44:04 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba702bda-FRA

GET
H2 200 62cf2826-e14a033c618cacfa.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 69 KB
22 KB 66ms
49ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/62cf2826-e14a033c618cacfa.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a85281967db603ccabf2f0672f393057e59ed32f52e3a7a9275a18f6f2309481

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 85895
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 25 May 2023 12:19:41 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba722bda-FRA

GET
H2 200 8334-4984a2c7758d1a71.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 30 KB
9 KB 62ms
45ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/8334-4984a2c7758d1a71.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d27ffc19fa97ac2f4f330f8fc1dc9e62d2893d7dbea11e77dcf690bae7ecb0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 838431
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 16 May 2023 09:42:48 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba732bda-FRA

GET
H2 200 1800-a2e227347718fe27.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 29 KB
10 KB 68ms
51ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/1800-a2e227347718fe27.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e964e65af00fd11b434cb31ad3fed557af38e83004d5a081faa4fb04d2c57697

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 883286
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 16 May 2023 09:42:48 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba762bda-FRA

GET
H2 200 7812-fd75e56f5fa4b656.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 22 KB
9 KB 76ms
60ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7812-fd75e56f5fa4b656.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d93363292840cac5afb90a6018788197423d254c785f5c66b44d64834f054364

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 4429603
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 10:24:53 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba782bda-FRA

GET
H2 200 9097-2cfa87802398fb7e.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 6 KB
2 KB 63ms
47ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/9097-2cfa87802398fb7e.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

bfa3d6c1a0223a487f5c8a0e7f69f2e670c8b0896a95868b8f8238936fd01748

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: f11c1ea8-d245-4f1f-a661-6936a2958735
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba792bda-FRA

GET
H2 200 8398-1ab0adee2a494725.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 5 KB
2 KB 63ms
47ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/8398-1ab0adee2a494725.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b1ad83351a34b8be86a67a09e2882f640ea25ba5ecf712771c6545e85f2e9ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 92ecbc74-c595-4027-b4dc-375d32ab59b6
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba7a2bda-FRA

GET
H2 200 4143-41403687a66a0f9d.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 8 KB
3 KB 60ms
44ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/4143-41403687a66a0f9d.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

85a1a68bf6d15528b36d83e2b1065a00013d9e0e845a99400e0b3b81a11ae279

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 3708087
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Apr 2023 12:20:17 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba7b2bda-FRA

GET
H2 200 4208-5ad1bf4e1f6322d8.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 10 KB
4 KB 76ms
60ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/4208-5ad1bf4e1f6322d8.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f386fb273c9d5a5556496dd64ec4bdb6cb40321b50491020db839c313b2a8674

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 3d7b583f-ca3e-4815-96b3-d22f6186bd89
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba7d2bda-FRA

GET
H2 200 2884-2bb908864239f8f5.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 12 KB
5 KB 76ms
61ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/2884-2bb908864239f8f5.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c881c022703036e784b8c0b1856c3784fe5db36d5eb066ca7e30d7a763d6882e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 887378
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 16 May 2023 09:42:48 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba7f2bda-FRA

GET
H2 200 3955-815ef0e033c65519.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 24 KB
9 KB 80ms
65ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/3955-815ef0e033c65519.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5b8995d9fdee21ad2c1b10dc231b0b161579a02f42cb60b062c311938bb3683b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: d46cc58b-3bf5-41be-ac71-1edd9c4c7456
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba802bda-FRA

GET
H2 200 30-31854360277d8a1b.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 30 KB
11 KB 63ms
48ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/30-31854360277d8a1b.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

44e1d6a090660fe50419b6ab1540aa18520a37bf69b1d38e95db0f0e6256a11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 7cfa3b7a-7efb-435c-a220-d271164b442b
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba812bda-FRA

GET
H2 200 7381-5e5be34a4c3ef43e.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 9 KB
4 KB 80ms
65ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7381-5e5be34a4c3ef43e.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

804d181f8aa441893a311804085fa4b7fd96899830a2bb375be6ed73cf7d5741

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: de31769f-028a-492c-9807-302926d6fd33
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba822bda-FRA

GET
H2 200 9908-be9a6a4c5bb981c4.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 16 KB
5 KB 76ms
61ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/9908-be9a6a4c5bb981c4.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1691aeac47c082c51ebbba3e5f69f7fda438261cd19a7962b34b04c6a30aea9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 593562
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2023 20:49:45 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba832bda-FRA

GET
H2 200 7657-e263616f7eb0e35b.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 34 KB
7 KB 79ms
64ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7657-e263616f7eb0e35b.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5de06ab0648dac21eff7a73936a190464857f4ef3c5dcdf848e69084dea8f092

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 7459f71f-d06c-423c-bcee-f7a182718513
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba842bda-FRA

GET
H2 200 7473-72181f8309ec12cf.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 8 KB
3 KB 65ms
50ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7473-72181f8309ec12cf.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2720537219df714de9bb319acb58e5a8873b7e7f27ed47cb7cbe9102d03ee2f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 1644502a-051a-48db-8d7f-1d95e20147cd
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba852bda-FRA

GET
H2 200 9662-1f0524f8142ee0f1.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 8 KB
3 KB 75ms
60ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/9662-1f0524f8142ee0f1.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

dde11429855ae6bef01854938b46fdeec6514ae8c99ac7066453ec9b9fa1b3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 2698027
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Apr 2023 21:39:55 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba862bda-FRA

GET
H2 200 749-a8cc08510d437a95.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 149 KB
47 KB 81ms
67ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/749-a8cc08510d437a95.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

da93b400ca2b4f825acd54d23494a67cb8038174a310659e4796aa394a1130bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: f3f12d47-9079-4f8d-8c9f-502e627fb3c4
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba872bda-FRA

GET
H2 200 8375-bb7f99d8939fc8d2.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 10 KB
4 KB 77ms
62ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/8375-bb7f99d8939fc8d2.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

df3026d4128d539db08ce599956c426927aa513f2278d801ce8846f91e05f491

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 282004
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 23 May 2023 09:51:44 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba882bda-FRA

GET
H2 200 6230-fe6643f68490b7ea.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 20 KB
8 KB 82ms
68ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/6230-fe6643f68490b7ea.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

76b1b57488f0a0c84bea686385825dd5de03af2cb833b9e8c4da8188fe1315c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 282004
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 23 May 2023 09:51:44 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba8a2bda-FRA

GET
H2 200 3325-b17086e938dfd39e.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 25 KB
9 KB 78ms
64ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/3325-b17086e938dfd39e.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0287dacd78b259bcde50ae3dd87d7170a5f629f83f90062dabeef3a68f1c0b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 1390041
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 09 May 2023 16:49:22 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba8b2bda-FRA

GET
H2 200 2961-e96e9beaae4b34a5.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 30 KB
9 KB 76ms
62ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/2961-e96e9beaae4b34a5.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0c26d986932eb4454dce8cc5a1e48bc67b48026f203820970795d16a0ec6a9b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 176694
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 24 May 2023 15:50:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba8c2bda-FRA

GET
H2 200 7632-e528aafda649f9e7.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 46 KB
11 KB 77ms
63ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7632-e528aafda649f9e7.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e698dba9144a138fa69c3bbe1f6da7626c87e5ce8a1b7359d0cf05e1719bfa87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 200294
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 24 May 2023 09:14:44 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba8e2bda-FRA

GET
H2 200 5684-fed788d0b12fe099.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 34 KB
8 KB 84ms
70ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/5684-fed788d0b12fe099.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0a4bfea3693619453b7d133988d11750b0528801f62dc05e7cd45c87df0e2a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 282006
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 23 May 2023 09:51:44 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba922bda-FRA

GET
H2 200 4557-b6e38a8555b21012.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 27 KB
8 KB 76ms
62ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/4557-b6e38a8555b21012.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8f9b4d3db4f0d55ea7e9025892b99bcb10f5f2d546b4f7f51d4760b2b8f00342

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 26856
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:44:04 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba932bda-FRA

GET
H2 200 8814-81ad304f690232e6.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 103 KB
28 KB 65ms
51ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/8814-81ad304f690232e6.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

33267d46983d8858b3616603bf4dda5c660e05e8b27485a0b25125769f52564c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 26853
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:44:04 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba942bda-FRA

GET
H2 200 4439-045c11d8a88fc329.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 23 KB
7 KB 75ms
61ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/4439-045c11d8a88fc329.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

329ee85431436cadb7b38cfcd7ff3381a6b49cccbda67efce3537f1e11c77410

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 65076
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 25 May 2023 12:19:41 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba952bda-FRA

GET
H2 200 %5BdonationFormId%5D-402275792a97819b.js Show response
www.zeffy.com/_next/static/chunks/pages/embed/donation-form/ Frame 5E63 84 KB
22 KB 80ms
66ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/pages/embed/donation-form/%5BdonationFormId%5D-402275792a97819b.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

892bd0f1212be3aa2edbf394b3c5f152618b173b0e3feda1cb63e47020fa2e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 176587
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 24 May 2023 15:50:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba972bda-FRA

GET
H2 200 _buildManifest.js Show response
www.zeffy.com/_next/static/c6aETXTku1_60WmyovRj_/ Frame 5E63 18 KB
5 KB 62ms
48ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/c6aETXTku1_60WmyovRj_/_buildManifest.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

abf60938fb4ed72b9bff3ca114c995a7e4e4f5b0f1ae550d72ce4ede506e018a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 26174
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:44:04 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba982bda-FRA

GET
H2 200 _ssgManifest.js Show response
www.zeffy.com/_next/static/c6aETXTku1_60WmyovRj_/ Frame 5E63 3 KB
727 B 61ms
48ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/c6aETXTku1_60WmyovRj_/_ssgManifest.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

bd4b5082f4187b38d8697a256e61f50507a837b121f14d58b69d37deb6362c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 29932
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:44:55 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba992bda-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 7802 288 KB
86 KB 123ms
81ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29448ab40871629a247547503cc881a533183e2014a01ad20bbe638bd2fca94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87704
x-xss-protection: 0
last-modified: Fri, 26 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 17:57:38 GMT

GET
H2 200 15e10f8f93c55b3b.css
www.zeffy.com/_next/static/css/ Frame 7802 5 KB
1 KB 57ms
44ms Stylesheet
text/css 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/css/15e10f8f93c55b3b.css

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a54eed044ea0a420ae8958939ca98b99499a3c8b7d5907a8c783ddd1c4f4af43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 883286
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 16 May 2023 09:42:48 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba682bda-FRA

GET
H2 200 817ceb2512c424ae.css
www.zeffy.com/_next/static/css/ Frame 7802 87 KB
47 KB 49ms
36ms Stylesheet
text/css 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/css/817ceb2512c424ae.css

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ba025fe507427992b581796332e1d9becef3d74770c172baa03a69c119bd3ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 4951128
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 09:54:12 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba6a2bda-FRA

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ Frame 7802 100 B
677 B 82ms
25ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.fr,Intl.~locale.en

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:57:38 GMT
age: 927214
detected-user-agent: Chrome/113.0.0
useragent_normaliser: chrome/113.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=2
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 May 2023 00:17:37 GMT
fastly_service_version: 195
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/113.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 2614165.js Show response
js.hs-scripts.com/ Frame 7802 3 KB
1 KB 203ms
138ms Script
application/javascript 2606:4700::6812:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2614165.js
Requested by: Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29d747302c3c455596fad85ef07322010feb94ff6bfec81fbcbf1ba8007d57b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-hubspot-correlation-id: c83956bb-b41d-4b7d-b761-ebad3523a494
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: dca7536e-c43b-446f-9f43-7538e6011641
last-modified: Fri, 26 May 2023 17:04:52 GMT
server: cloudflare
x-trace: 2B6D34CB16D8DF9261F5279C9863983161980379B5000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.zeffy.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-xrsrb
cf-ray: 7cd7e6d20d839b58-FRA
expires: Fri, 26 May 2023 17:58:38 GMT

GET
H2 200 webpack-adc38da9f187b2d7.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 7 KB
3 KB 60ms
47ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/webpack-adc38da9f187b2d7.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8a6d7e23d1e78a60dc8e163ea622481887cb30b91a6db8112dfaaf6b8853618a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 26858
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:44:04 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba9a2bda-FRA

GET
H2 200 framework-f71663e0aec1c55a.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 206 KB
58 KB 76ms
64ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/framework-f71663e0aec1c55a.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b6228dd941ebabcc25da241f84f710346eaf65cbe3eb836fe1026312515629ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: c4fb357e-f0c3-4581-b2eb-53fbd365c86c
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba9c2bda-FRA

GET
H2 200 main-a68cfb1513b9f2a4.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 230 KB
74 KB 76ms
64ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/main-a68cfb1513b9f2a4.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4937acc11d18ff59f464a7613ee414c01a63299b6ad0aa14ca356c81914aa7e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 73489
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 25 May 2023 12:19:41 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba9d2bda-FRA

GET
H2 200 _app-6fbacfe579fa448e.js Show response
www.zeffy.com/_next/static/chunks/pages/ Frame 7802 1 MB
321 KB 87ms
74ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1fd27aee94584421f3ac89f53a06704e4f1d6d2d19f625b19cdbfb480954c4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 26174
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:44:04 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1ba9e2bda-FRA

GET
H2 200 62cf2826-e14a033c618cacfa.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 69 KB
22 KB 73ms
61ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/62cf2826-e14a033c618cacfa.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a85281967db603ccabf2f0672f393057e59ed32f52e3a7a9275a18f6f2309481

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 85895
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 25 May 2023 12:19:41 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1baa02bda-FRA

GET
H2 200 8334-4984a2c7758d1a71.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 30 KB
9 KB 61ms
49ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/8334-4984a2c7758d1a71.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d27ffc19fa97ac2f4f330f8fc1dc9e62d2893d7dbea11e77dcf690bae7ecb0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 838431
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 16 May 2023 09:42:48 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1baa12bda-FRA

GET
H2 200 1800-a2e227347718fe27.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 29 KB
10 KB 60ms
48ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/1800-a2e227347718fe27.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e964e65af00fd11b434cb31ad3fed557af38e83004d5a081faa4fb04d2c57697

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 883286
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 16 May 2023 09:42:48 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1baa52bda-FRA

GET
H2 200 7812-fd75e56f5fa4b656.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 22 KB
9 KB 60ms
48ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7812-fd75e56f5fa4b656.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d93363292840cac5afb90a6018788197423d254c785f5c66b44d64834f054364

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 4429603
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 10:24:53 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1baa62bda-FRA

GET
H2 200 9097-2cfa87802398fb7e.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 6 KB
2 KB 59ms
47ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/9097-2cfa87802398fb7e.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

bfa3d6c1a0223a487f5c8a0e7f69f2e670c8b0896a95868b8f8238936fd01748

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: f11c1ea8-d245-4f1f-a661-6936a2958735
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1baa72bda-FRA

GET
H2 200 8398-1ab0adee2a494725.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 5 KB
2 KB 61ms
49ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/8398-1ab0adee2a494725.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b1ad83351a34b8be86a67a09e2882f640ea25ba5ecf712771c6545e85f2e9ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 92ecbc74-c595-4027-b4dc-375d32ab59b6
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1baa82bda-FRA

GET
H2 200 4143-41403687a66a0f9d.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 8 KB
3 KB 61ms
49ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/4143-41403687a66a0f9d.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

85a1a68bf6d15528b36d83e2b1065a00013d9e0e845a99400e0b3b81a11ae279

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 3708087
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Apr 2023 12:20:17 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1baa92bda-FRA

GET
H2 200 4208-5ad1bf4e1f6322d8.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 10 KB
4 KB 90ms
78ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/4208-5ad1bf4e1f6322d8.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f386fb273c9d5a5556496dd64ec4bdb6cb40321b50491020db839c313b2a8674

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 3d7b583f-ca3e-4815-96b3-d22f6186bd89
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1baaa2bda-FRA

GET
H2 200 2884-2bb908864239f8f5.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 12 KB
5 KB 70ms
59ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/2884-2bb908864239f8f5.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c881c022703036e784b8c0b1856c3784fe5db36d5eb066ca7e30d7a763d6882e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 887378
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 16 May 2023 09:42:48 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1baab2bda-FRA

GET
H2 200 3955-815ef0e033c65519.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 24 KB
9 KB 80ms
69ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/3955-815ef0e033c65519.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5b8995d9fdee21ad2c1b10dc231b0b161579a02f42cb60b062c311938bb3683b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: d46cc58b-3bf5-41be-ac71-1edd9c4c7456
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1baac2bda-FRA

GET
H2 200 30-31854360277d8a1b.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 30 KB
11 KB 71ms
61ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/30-31854360277d8a1b.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

44e1d6a090660fe50419b6ab1540aa18520a37bf69b1d38e95db0f0e6256a11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 7cfa3b7a-7efb-435c-a220-d271164b442b
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1baae2bda-FRA

GET
H2 200 7381-5e5be34a4c3ef43e.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 9 KB
4 KB 71ms
62ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7381-5e5be34a4c3ef43e.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

804d181f8aa441893a311804085fa4b7fd96899830a2bb375be6ed73cf7d5741

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: de31769f-028a-492c-9807-302926d6fd33
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1baaf2bda-FRA

GET
H2 200 9908-be9a6a4c5bb981c4.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 16 KB
5 KB 70ms
61ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/9908-be9a6a4c5bb981c4.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1691aeac47c082c51ebbba3e5f69f7fda438261cd19a7962b34b04c6a30aea9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 593562
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2023 20:49:45 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1bab12bda-FRA

GET
H2 200 7657-e263616f7eb0e35b.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 34 KB
7 KB 81ms
73ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7657-e263616f7eb0e35b.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5de06ab0648dac21eff7a73936a190464857f4ef3c5dcdf848e69084dea8f092

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 7459f71f-d06c-423c-bcee-f7a182718513
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1bab22bda-FRA

GET
H2 200 7473-72181f8309ec12cf.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 8 KB
3 KB 73ms
65ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7473-72181f8309ec12cf.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2720537219df714de9bb319acb58e5a8873b7e7f27ed47cb7cbe9102d03ee2f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 1644502a-051a-48db-8d7f-1d95e20147cd
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1bab52bda-FRA

GET
H2 200 9662-1f0524f8142ee0f1.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 8 KB
3 KB 68ms
60ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/9662-1f0524f8142ee0f1.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

dde11429855ae6bef01854938b46fdeec6514ae8c99ac7066453ec9b9fa1b3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 2698027
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Apr 2023 21:39:55 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1bab62bda-FRA

GET
H2 200 749-a8cc08510d437a95.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 149 KB
47 KB 75ms
67ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/749-a8cc08510d437a95.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

da93b400ca2b4f825acd54d23494a67cb8038174a310659e4796aa394a1130bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 7367626
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: f3f12d47-9079-4f8d-8c9f-502e627fb3c4
last-modified: Thu, 02 Mar 2023 09:30:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1bab82bda-FRA

GET
H2 200 8375-bb7f99d8939fc8d2.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 10 KB
4 KB 74ms
66ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/8375-bb7f99d8939fc8d2.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

df3026d4128d539db08ce599956c426927aa513f2278d801ce8846f91e05f491

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 282004
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 23 May 2023 09:51:44 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1babb2bda-FRA

GET
H2 200 6230-fe6643f68490b7ea.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 20 KB
8 KB 70ms
62ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/6230-fe6643f68490b7ea.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

76b1b57488f0a0c84bea686385825dd5de03af2cb833b9e8c4da8188fe1315c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 282004
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 23 May 2023 09:51:44 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1babd2bda-FRA

GET
H2 200 3325-b17086e938dfd39e.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 25 KB
9 KB 72ms
64ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/3325-b17086e938dfd39e.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0287dacd78b259bcde50ae3dd87d7170a5f629f83f90062dabeef3a68f1c0b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 1390041
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 09 May 2023 16:49:22 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1babf2bda-FRA

GET
H2 200 2961-e96e9beaae4b34a5.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 30 KB
9 KB 76ms
68ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/2961-e96e9beaae4b34a5.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0c26d986932eb4454dce8cc5a1e48bc67b48026f203820970795d16a0ec6a9b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 176694
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 24 May 2023 15:50:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1bac12bda-FRA

GET
H2 200 7632-e528aafda649f9e7.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 46 KB
11 KB 69ms
62ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7632-e528aafda649f9e7.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e698dba9144a138fa69c3bbe1f6da7626c87e5ce8a1b7359d0cf05e1719bfa87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 200294
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 24 May 2023 09:14:44 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1bac42bda-FRA

GET
H2 200 5684-fed788d0b12fe099.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 34 KB
8 KB 74ms
67ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/5684-fed788d0b12fe099.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0a4bfea3693619453b7d133988d11750b0528801f62dc05e7cd45c87df0e2a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 282006
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 23 May 2023 09:51:44 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1bac52bda-FRA

GET
H2 200 4557-b6e38a8555b21012.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 27 KB
8 KB 71ms
64ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/4557-b6e38a8555b21012.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8f9b4d3db4f0d55ea7e9025892b99bcb10f5f2d546b4f7f51d4760b2b8f00342

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 26856
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:44:04 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1bac62bda-FRA

GET
H2 200 8814-81ad304f690232e6.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 103 KB
28 KB 75ms
68ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/8814-81ad304f690232e6.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

33267d46983d8858b3616603bf4dda5c660e05e8b27485a0b25125769f52564c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 26853
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:44:04 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1bac72bda-FRA

GET
H2 200 4439-045c11d8a88fc329.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 23 KB
7 KB 72ms
66ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/4439-045c11d8a88fc329.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

329ee85431436cadb7b38cfcd7ff3381a6b49cccbda67efce3537f1e11c77410

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 65076
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 25 May 2023 12:19:41 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1bac82bda-FRA

GET
H2 200 %5BdonationFormId%5D-402275792a97819b.js Show response
www.zeffy.com/_next/static/chunks/pages/embed/donation-form/ Frame 7802 84 KB
22 KB 76ms
69ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/pages/embed/donation-form/%5BdonationFormId%5D-402275792a97819b.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

892bd0f1212be3aa2edbf394b3c5f152618b173b0e3feda1cb63e47020fa2e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 176587
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 24 May 2023 15:50:36 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1baca2bda-FRA

GET
H2 200 _buildManifest.js Show response
www.zeffy.com/_next/static/c6aETXTku1_60WmyovRj_/ Frame 7802 18 KB
5 KB 73ms
66ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/c6aETXTku1_60WmyovRj_/_buildManifest.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

abf60938fb4ed72b9bff3ca114c995a7e4e4f5b0f1ae550d72ce4ede506e018a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 26174
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:44:04 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1bacb2bda-FRA

GET
H2 200 _ssgManifest.js Show response
www.zeffy.com/_next/static/c6aETXTku1_60WmyovRj_/ Frame 7802 3 KB
758 B 72ms
65ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/c6aETXTku1_60WmyovRj_/_ssgManifest.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

bd4b5082f4187b38d8697a256e61f50507a837b121f14d58b69d37deb6362c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 29932
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:44:55 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d1bacc2bda-FRA

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame 5E63 118 KB
46 KB 89ms
39ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-TD858CV

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2397ce6d4708b01af88c8a855d9a071732ad8906cd3dc23326a7864d1d841d31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46970
x-xss-protection: 0
last-modified: Fri, 26 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 17:57:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 5E63 51 KB
21 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 16:35:34 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4924
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 26 May 2023 18:35:34 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 5E63 106 KB
28 KB 79ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7fee08728b501812ba1c44658ad4ef459c107d78bd6e5b27c8ff80f110c34c04

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 May 2023 17:57:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27500
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: KK8TNGn7J1wqI5yybiAN7MS8RydgKCiA/CMUX19qjRMBrlMBZCohhC2smMZyjLE8a9FIW243Yn6EtTY745c64A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 w5713re4 Show response
widget.intercom.io/widget/ Frame 5E63 7 KB
3 KB 81ms
23ms Script
application/javascript 13.224.189.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/w5713re4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23ccc6e5ed1b6549eeb6cd2c7ac99544ead22235ca742a1160b1af15607c27ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: d0qMri2meo4Cgy1RgbO1eGs81NbhEYXv
content-encoding: gzip
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
date: Fri, 26 May 2023 17:43:19 GMT
x-amz-cf-pop: FRA2-C1
age: 1149
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2676
last-modified: Fri, 26 May 2023 15:22:15 GMT
server: AmazonS3
etag: "1c980b09751f505c1c149e5396adbe0e"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: tEzMcOS2tpQwLACONIoQqEru-JglFJ-G0LYHnzFreACyNsKjoT1y4Q==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5E63 249 KB
84 KB 61ms
58ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-173QX444NK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e661136d2165abc6c30d73f80841c193960b40618255df0741e3fb95ce2a4c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 May 2023 17:57:38 GMT

GET
H2 404 data
gtm.zeffy.com/ Frame 5E63 0
0 410ms
378ms Image
text/plain 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtm.zeffy.com/data?v=2&event_name=page_view&dtdc=eyJwYWdlX2xvY2F0aW9uIjoiaHR0cHM6Ly93d3cuemVmZnkuY29tL2VuLVVTL2VtYmVkL2RvbmF0aW9uLWZvcm0vMTY5MjE0OTYtZTA0My00YTEwLWEzNGEtNGMzNmMzYTRkMDE5IiwicGFnZV9ob3N0bmFtZSI6Ind3dy56ZWZmeS5jb20iLCJwYWdlX3JlZmVycmVyIjoiaHR0cHM6Ly93d3cudG9hZGdpdmVzYmFjay5vcmcvIiwicGFnZV90aXRsZSI6IkRvbmF0ZSIsInBhZ2VfZW5jb2RpbmciOiJVVEYtOCIsImFjdGlvbl9zb3VyY2UiOiJ3ZWJzaXRlIiwiZmlyc3RfcGFydHlfY29sbGVjdGlvbiI6InRydWUiLCJldmVudF9pZCI6IjE2ODUxMjQ3NTY2OTlfMTY4NTEyNDA4ODM4MDEifQ%3D%3D
Requested by: Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 5E63 19 KB
7 KB 99ms
57ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7cd7e6d338593643-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5E63 118 KB
46 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-82053185-9

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/main-a68cfb1513b9f2a4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cbc63886ea763f5cea5d01a409c3934873c52933b9d3bb5201decee6a5bbc1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46886
x-xss-protection: 0
last-modified: Fri, 26 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 17:57:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5E63 118 KB
46 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-82053185-9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf88436d87ccded89fe4b4b68215f43d5aace1e63893c1a32558e5e3eacf16c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46850
x-xss-protection: 0
last-modified: Fri, 26 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 17:57:38 GMT

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/938e2b5c/ Frame 5E63
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js

15 KB
5 KB

45ms
44ms

Script
application/javascript

2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js
Requested by: Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
Protocol: H3
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1e45b1d429b2d703676139932fe97b7ffc7986e6d0221653a7404e4c3032f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7cd7e6d74f24917c-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 26 May 2023 17:57:38 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/b/938e2b5c/api.js
cache-control: max-age=300, public
cf-ray: 7cd7e6d37d0039e0-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 / Show response
o563579.ingest.sentry.io/api/5703794/envelope/ Frame 5E63 2 B
302 B 98ms
22ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o563579.ingest.sentry.io/api/5703794/envelope/?sentry_key=781fd8112e4243c1b089f1385fca29eb&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.24.2

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 v3 Show response
js.stripe.com/ Frame 5E63 473 KB
114 KB 102ms
25ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/6230-fe6643f68490b7ea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

70f006e9a4c3672a2aeadb0dc1647157ee15bcc17786757f29bb73ebecbf3eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:57:01 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 38
x-cache: Hit from cloudfront
last-modified: Thu, 25 May 2023 20:45:46 GMT
server: Cloudfront
etag: W/"f9ef5e70ca59fcd939da1d1011bccfc3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: mm9I-HY6Q65NYfkq2T6QTWEaEl0aNgomHG-fpGQcr5MruCkuBLJQmg==

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 7802 19 KB
7 KB 79ms
79ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7cd7e6d4ba8a3643-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7802 118 KB
46 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-82053185-9

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/main-a68cfb1513b9f2a4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecb71531224ec608a4f8b0cf1f11ce072541fec902cf144531fce0d400377f06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46889
x-xss-protection: 0
last-modified: Fri, 26 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 17:57:38 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame 7802 118 KB
46 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-TD858CV

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2397ce6d4708b01af88c8a855d9a071732ad8906cd3dc23326a7864d1d841d31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46970
x-xss-protection: 0
last-modified: Fri, 26 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 17:57:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 7802 51 KB
20 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 16:35:34 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4924
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 26 May 2023 18:35:34 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 7802 106 KB
27 KB 277ms
276ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7fee08728b501812ba1c44658ad4ef459c107d78bd6e5b27c8ff80f110c34c04

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 May 2023 17:57:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27500
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: KK8TNGn7J1wqI5yybiAN7MS8RydgKCiA/CMUX19qjRMBrlMBZCohhC2smMZyjLE8a9FIW243Yn6EtTY745c64A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 w5713re4 Show response
widget.intercom.io/widget/ Frame 7802 7 KB
3 KB 22ms
21ms Script
application/javascript 13.224.189.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/w5713re4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23ccc6e5ed1b6549eeb6cd2c7ac99544ead22235ca742a1160b1af15607c27ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: d0qMri2meo4Cgy1RgbO1eGs81NbhEYXv
content-encoding: gzip
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
date: Fri, 26 May 2023 17:43:19 GMT
x-amz-cf-pop: FRA2-C1
age: 1149
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2676
last-modified: Fri, 26 May 2023 15:22:15 GMT
server: AmazonS3
etag: "1c980b09751f505c1c149e5396adbe0e"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: DreVLQup4m0P-PDBbse9CvFYI6Gxp448pt7uLaDy04G0ierGzaAW0w==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7802 249 KB
84 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-173QX444NK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e681e3c3bd8d02eaedf3348048cb5bd834c7f72146b6a6f225426d88f3f38c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 May 2023 17:57:38 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7802 118 KB
46 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-82053185-9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b97bf57059659c8725a8d92958433216c33627ecbb250e9bfec581769f0d1647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46853
x-xss-protection: 0
last-modified: Fri, 26 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 17:57:38 GMT

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/938e2b5c/ Frame 7802
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js

15 KB
5 KB

45ms
43ms

Script
application/javascript

2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js
Requested by: Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
Protocol: H3
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1e45b1d429b2d703676139932fe97b7ffc7986e6d0221653a7404e4c3032f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7cd7e6d7e815917c-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 26 May 2023 17:57:38 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/b/938e2b5c/api.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7cd7e6d4bf1a39e0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 404 data
gtm.zeffy.com/ Frame 7802 0
0 375ms
374ms Image
text/plain 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtm.zeffy.com/data?v=2&event_name=page_view&dtdc=eyJwYWdlX2xvY2F0aW9uIjoiaHR0cHM6Ly93d3cuemVmZnkuY29tL2VuLVVTL2VtYmVkL2RvbmF0aW9uLWZvcm0vMTY5MjE0OTYtZTA0My00YTEwLWEzNGEtNGMzNmMzYTRkMDE5IiwicGFnZV9ob3N0bmFtZSI6Ind3dy56ZWZmeS5jb20iLCJwYWdlX3JlZmVycmVyIjoiaHR0cHM6Ly93d3cudG9hZGdpdmVzYmFjay5vcmcvIiwicGFnZV90aXRsZSI6IkRvbmF0ZSIsInBhZ2VfZW5jb2RpbmciOiJVVEYtOCIsImFjdGlvbl9zb3VyY2UiOiJ3ZWJzaXRlIiwiZmlyc3RfcGFydHlfY29sbGVjdGlvbiI6InRydWUiLCJldmVudF9pZCI6IjE2ODUxMjQ3NTY2OTlfMTY4NTEyNDI5ODg4MDEifQ%3D%3D
Requested by: Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

POST
H2 200 / Show response
o563579.ingest.sentry.io/api/5703794/envelope/ Frame 7802 2 B
66 B 25ms
23ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o563579.ingest.sentry.io/api/5703794/envelope/?sentry_key=781fd8112e4243c1b089f1385fca29eb&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.24.2

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 v3 Show response
js.stripe.com/ Frame 7802 473 KB
114 KB 24ms
23ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/6230-fe6643f68490b7ea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

70f006e9a4c3672a2aeadb0dc1647157ee15bcc17786757f29bb73ebecbf3eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:57:01 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 38
x-cache: Hit from cloudfront
last-modified: Thu, 25 May 2023 20:45:46 GMT
server: Cloudfront
etag: W/"f9ef5e70ca59fcd939da1d1011bccfc3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: F7UJ5MVdN2Fh9f6rmM2DXaQ13I0nlD2X05VsvnUPRccs8d9vXdmVDg==

GET
H2 200 2614165.js Show response
js.hs-scripts.com/ Frame 5E63 3 KB
689 B 34ms
33ms Script
application/javascript 2606:4700::6812:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2614165.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e98579d15526df6c518182d62a1761d38a82caccaddfdd1a1c1f48ee12b78897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:38 GMT
content-encoding: br
cf-cache-status: HIT
x-hubspot-correlation-id: ba8ec6b6-86be-4311-8aef-55054570c7b3
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=3006
age: 0
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 96be92af-9867-41dd-a74b-7d0053dd30f4
cf-bgj: minify
last-modified: Fri, 26 May 2023 17:57:38 GMT
server: cloudflare
x-trace: 2B4625CF73513BEF8DE355DC31025E7F656B2D7AB5000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.zeffy.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-r8kfs
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 7cd7e6d59ad19b58-FRA
expires: Fri, 26 May 2023 17:58:38 GMT

HEAD
H2 200 16921496-e043-4a10-a34a-4c36c3a4d019.json
www.zeffy.com/_next/data/c6aETXTku1_60WmyovRj_/en-US/embed/donation-form/ Frame 5E63 0
0 143ms
143ms Fetch
application/json 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/data/c6aETXTku1_60WmyovRj_/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019.json?donationFormId=16921496-e043-4a10-a34a-4c36c3a4d019

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

x-nextjs-data: 1
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
accept-language: de-DE,de;q=0.9
baggage: sentry-environment=production,sentry-release=00dcc5178e85f1ec031730b516a7bbccbd815c65,sentry-transaction=%2Fembed%2Fdonation-form%2F%5BdonationFormId%5D,sentry-public_key=781fd8112e4243c1b089f1385fca29eb,sentry-trace_id=e564a7bfa46e43929c68dd4417c08db6,sentry-sample_rate=0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
sentry-trace: e564a7bfa46e43929c68dd4417c08db6-a5a7f407a8035768-0

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-nextjs-matched-path: /en-US/embed/donation-form/[donationFormId]
via: 1.1 vegur
x-powered-by: Express
x-dns-prefetch-control: on
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=oeMydWw.zQ0DqDGaxmB1FSrBkcW5wTJw8abXhcf3OMc-1685123859-0-ARrDIp38r1AKBTIq6fFvdJuKLqW3JLD294hLdo6dC7GaStRMceEQl9x7zm0DKRbkp3rS9cEhbuSpeE011CXZBSgcQhEYXyBqryl96paOV6HiLB4x2lz_BXJjEsNGogl3e2QBxs3N74Tp0M2DjKF85a0; report-to cf-csp-endpoint
x-nextjs-cache: STALE
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/json
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=oeMydWw.zQ0DqDGaxmB1FSrBkcW5wTJw8abXhcf3OMc-1685123859-0-ARrDIp38r1AKBTIq6fFvdJuKLqW3JLD294hLdo6dC7GaStRMceEQl9x7zm0DKRbkp3rS9cEhbuSpeE011CXZBSgcQhEYXyBqryl96paOV6HiLB4x2lz_BXJjEsNGogl3e2QBxs3N74Tp0M2DjKF85a0"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control: s-maxage=1, stale-while-revalidate
cf-ray: 7cd7e6d6a9422bda-FRA

HEAD
H2 200 16921496-e043-4a10-a34a-4c36c3a4d019.json
www.zeffy.com/_next/data/c6aETXTku1_60WmyovRj_/en-US/embed/donation-form/ Frame 7802 0
0 138ms
138ms Fetch
application/json 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/data/c6aETXTku1_60WmyovRj_/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019.json?donationFormId=16921496-e043-4a10-a34a-4c36c3a4d019

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

x-nextjs-data: 1
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
accept-language: de-DE,de;q=0.9
baggage: sentry-environment=production,sentry-release=00dcc5178e85f1ec031730b516a7bbccbd815c65,sentry-transaction=%2Fembed%2Fdonation-form%2F%5BdonationFormId%5D,sentry-public_key=781fd8112e4243c1b089f1385fca29eb,sentry-trace_id=7637fb59730f4353bc78a92936406bae,sentry-sample_rate=0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
sentry-trace: 7637fb59730f4353bc78a92936406bae-92b9ff077ed9bde4-0

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-nextjs-matched-path: /en-US/embed/donation-form/[donationFormId]
via: 1.1 vegur
x-powered-by: Express
x-dns-prefetch-control: on
x-nextjs-cache: HIT
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/json
cache-control: s-maxage=1, stale-while-revalidate
cf-ray: 7cd7e6d6c96d2bda-FRA

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 459ms
391ms Preflight 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6d77deebb7d-FRA
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 26 May 2023 17:57:39 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 5E63 150 B
208 B 467ms
467ms Fetch
application/json 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ae35c34f79ffc61c3277ef16481cf863303ede3f4d6d6cebdcb828ea78b046

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 vegur
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"96-lsB+JnllFRddxRVpSxbGtLBgf0c"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
vary: Origin
access-control-allow-credentials: true
cf-ray: 7cd7e6d9edaf2bda-FRA

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ Frame 7802 545 KB
88 KB 90ms
40ms Script
application/javascript 2606:4700::6811:826e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:826e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344cd43902a0ac8a2a12b112a9a9904fb7b26ebd33ead31a492aed6ef4e89b82

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-encoding: br
age: 73485
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1202/bundle/main/lead-flows-release.js&cfRay=7cd0e4c9b9612ba2-IAD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"b2585633e816f12e4b5de8663cf46c30"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1202/bundle/main/lead-flows-release.js
date: Fri, 26 May 2023 17:57:39 GMT
x-amz-version-id: gY.ddbQs4Pt.3p8HNDwQjbxkSRA75npf
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-request-id: 46c5eea4-d0a4-4a82-852d-b66bc8437817
last-modified: Mon, 08 May 2023 08:57:34 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-mm66x
cf-ray: 7cd7e6d759fc2bdf-FRA
x-amz-cf-id: 1uKU6pbCe2DEAEQsUp6HD3OxuQdhmuJMQc2vvvHdlQdzUstpC9J-Sw==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ Frame 7802 75 KB
22 KB 86ms
31ms Script
application/javascript 2606:4700::6811:65ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:65ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa810202626ec84220cf406fedfd4ddd214dbd8d794e98cae03e25d68d43f7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
x-amz-version-id: rNxfcUvK5hzD5Zp1UfyYFc.HO4SajofG
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 352
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13303/bundles/project.js&cfRay=7cd7de41fd25698f-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1d1dce5c-8ae9-4942-bdab-aac39e653f6a
last-modified: Tue, 23 May 2023 08:10:34 UTC
server: cloudflare
etag: W/"bbf4edeb9ca2f6774ea4a317744093aa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-s8xd8
cf-ray: 7cd7e6d76c279b33-FRA
x-amz-cf-id: lAG0RjTamVQjoFdt0Y4q7WvS3vp_zahUkhdAT-NJPinki8iAQXq1_A==
x-hs-target-asset: conversations-embed/static-1.13303/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/2614165/ Frame 7802 208 KB
64 KB 201ms
149ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/2614165/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa79ec5ac7aadfa8cb4026239848538c189c195e743eaa8b630a9cff71feff5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
x-amz-version-id: QgZRbbp5xmsOPODlVmqmfsAVtO3abCzB
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: WPFH8PETZA98MMZK
x-amz-server-side-encryption: AES256
x-amz-id-2: R1ANtcYRpPZ1O3lVXzNasTl0c+7iJwH9H74GdRY61ExHUAxWsHGUkmOHB07hcQl+Cb3g4fREUHs=
last-modified: Mon, 17 Apr 2023 15:07:40 GMT
server: cloudflare
etag: W/"04e46f95475a2db19f8320dd9dd742f6"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.zeffy.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7cd7e6d76aa091e3-FRA
expires: Fri, 26 May 2023 18:02:39 GMT

GET
H2 200 2614165.js Show response
js.hs-analytics.net/analytics/1685123700000/ Frame 7802 66 KB
21 KB 235ms
183ms Script
text/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1685123700000/2614165.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e55ee5826df8d2dd28559673a3ca87b16fdfdff65dc665cff4e8a2c8148695a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 8T36WJFE6QTDRHM3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 34
x-amz-id-2: SDKWU2FUp6jRyACzOil4ny35UQ0fZq1iDLkJr1vgPkSoEWbI8NXydbRm5rxQ1dESwXPpO9LMKMs=
x-evy-trace-listener: listener_https
x-request-id: 77036083-4c17-46f8-9d20-32e37dc0d10f
x-evy-trace-route-configuration: listener_https/all
last-modified: Sat, 20 May 2023 03:25:11 GMT
server: cloudflare
etag: W/"7d776d26b1b85eec3de8c5a8588f6e83"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7cd7e6d76de39bbf-FRA
expires: Fri, 26 May 2023 18:02:39 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ Frame 7802 6 KB
3 KB 91ms
42ms Script
application/javascript 2606:4700::6810:75be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:75be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 483ec486a8c947a82da6462397dbe386bebab6b2921f517c35e2b9cb53498c89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
x-amz-version-id: UWz6VDoRBzzIc_vph_dNl5MbrO6eX90N
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 128
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.377/bundles/pixels-release.js&cfRay=7cd7e3b829a73a5a-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2a7c9bc6-841c-4b63-bdab-1b576900d41c
last-modified: Mon, 22 May 2023 03:15:08 UTC
server: cloudflare
etag: W/"862fe95a42e7a27927f5d04635cd29ab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xjmf2
cf-ray: 7cd7e6d76f7e381f-FRA
x-amz-cf-id: IBcGykNl_IplBtZgkDEH5lHSgtjmzQBFgLaQo1y9PdTZXiBs5KgECw==
x-hs-target-asset: adsscriptloaderstatic/static-1.377/bundles/pixels-release.js

GET
H2 200 feedbackweb-new.js Show response
js.hubspotfeedback.com/ Frame 7802 28 KB
10 KB 194ms
141ms Script
application/javascript 2606:4700::6811:d839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hubspotfeedback.com/feedbackweb-new.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e0d7e7820b47c5b377abf48e51516ddc918faeca14a5d77fffc49f2cdd7a52f

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
x-amz-version-id: aBm0nfEHBkQ2eb6eUkQyfG8KgEDfqsg1
via: 1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.14968/bundles/popupInjector.js&cfRay=7cd7e6d76dc52c2d-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-feedback-web-renderer-script-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: acb698e2-454a-451b-890c-35e5493618a0
last-modified: Mon, 08 May 2023 08:10:07 UTC
server: cloudflare
etag: W/"89690e90c9df10fd0a43e02fe1eede6b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-nnm64
cf-ray: 7cd7e6d76dc52c2d-FRA
x-amz-cf-id: Vthvsog26rm3dHlgi0e6ziXeQxYQMgSxyRyJqswQySd5eF5mG9bADA==
x-hs-target-asset: feedback-web-renderer-ui/static-1.14968/bundles/popupInjector.js

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 461ms
406ms Preflight 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6d77defbb7d-FRA
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 26 May 2023 17:57:39 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 7802 150 B
586 B 450ms
449ms Fetch
application/json 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d20252b7ff344826f1e27c66e3ae8c458a103f4772c7a0df2a36dd5a5290390

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 vegur
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"96-pSHZJ/j1o1BhCNC4Wp5S1hFHFaU"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
vary: Origin
access-control-allow-credentials: true
cf-ray: 7cd7e6da0dde2bda-FRA

GET
H2 200 frame-modern.cabb9239.js Show response
js.intercomcdn.com/ Frame 365A 482 KB
135 KB 104ms
33ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.cabb9239.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/w5713re4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

59e918790b0d262732acfddab5547285b261757d9084cc6aa7563a3947274f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: Z_6wqdo05TvqX4lVE0rkeDMd56caA12T
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
date: Fri, 26 May 2023 17:22:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 2121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 137453
last-modified: Fri, 26 May 2023 15:20:33 GMT
server: AmazonS3
etag: "e00839feab82e45c58d28c08424d1434"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: OzPRFDCGPsJsUq0vUNY_hOuCWC5MoPobu38jT2lUglfOCpaNieR6Lw==

GET
H2 200 vendor-modern.06243fd2.js Show response
js.intercomcdn.com/ Frame 365A 236 KB
73 KB 145ms
74ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.06243fd2.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/w5713re4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

100c7b6365da26112898b6aae3af4bd903d2b567f13f6f797d30356848067f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: xMrha.TBd7bvWKsyowlmy40PjFlyS1RA
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
date: Fri, 26 May 2023 17:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 1514
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74286
last-modified: Tue, 23 May 2023 15:30:49 GMT
server: AmazonS3
etag: "1f4f03220c33c5d981f0544f7cb60117"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: cJNy3EJ8sC0PXQk6Pg2U08c3CBVEOZ4dd6vRaXEO5_Mh1-qDZqBmtw==

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ Frame 5E63 64 KB
20 KB 24ms
23ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 May 2023 17:57:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: gkcnwMmhJ0I0vwI/MpNFJy/gwIsGyCMfiPjRbt1cn1p3f6bLR3XD1yWXTPwXYIVZcAWgnVXqWcClipWqp52drw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 2904194103159151 Show response
connect.facebook.net/signals/config/ Frame 5E63 75 KB
21 KB 341ms
340ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2904194103159151?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

186df69b12b9aefddeed442da0ca515bec0ccefeb6c592572ead665b1b64923b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 May 2023 17:57:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: uSPHXsE7TK+2xtPum6vMUPWgGpzMq5Ee4F9jee8AoyFMXatoR/OHkACNjlC9+tjctP865KKIy46Nd6tg8TLxrQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2614165.js Show response
js.hs-analytics.net/analytics/1685123700000/ Frame 5E63 66 KB
20 KB 221ms
220ms Script
text/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1685123700000/2614165.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e55ee5826df8d2dd28559673a3ca87b16fdfdff65dc665cff4e8a2c8148695a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 8T36WJFE6QTDRHM3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 0
x-envoy-upstream-service-time: 34
x-amz-id-2: SDKWU2FUp6jRyACzOil4ny35UQ0fZq1iDLkJr1vgPkSoEWbI8NXydbRm5rxQ1dESwXPpO9LMKMs=
x-evy-trace-listener: listener_https
x-request-id: 77036083-4c17-46f8-9d20-32e37dc0d10f
x-evy-trace-route-configuration: listener_https/all
last-modified: Sat, 20 May 2023 03:25:11 GMT
server: cloudflare
etag: W/"7d776d26b1b85eec3de8c5a8588f6e83"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7cd7e6d7de779bbf-FRA
expires: Fri, 26 May 2023 18:02:39 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ Frame 5E63 545 KB
87 KB 41ms
40ms Script
application/javascript 2606:4700::6811:826e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:826e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344cd43902a0ac8a2a12b112a9a9904fb7b26ebd33ead31a492aed6ef4e89b82

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-encoding: br
age: 73485
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1202/bundle/main/lead-flows-release.js&cfRay=7cd0e4c9b9612ba2-IAD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"b2585633e816f12e4b5de8663cf46c30"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1202/bundle/main/lead-flows-release.js
date: Fri, 26 May 2023 17:57:39 GMT
x-amz-version-id: gY.ddbQs4Pt.3p8HNDwQjbxkSRA75npf
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-request-id: 46c5eea4-d0a4-4a82-852d-b66bc8437817
last-modified: Mon, 08 May 2023 08:57:34 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-mm66x
cf-ray: 7cd7e6d7ca822bdf-FRA
x-amz-cf-id: 1uKU6pbCe2DEAEQsUp6HD3OxuQdhmuJMQc2vvvHdlQdzUstpC9J-Sw==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ Frame 5E63 75 KB
21 KB 35ms
34ms Script
application/javascript 2606:4700::6811:65ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:65ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa810202626ec84220cf406fedfd4ddd214dbd8d794e98cae03e25d68d43f7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
x-amz-version-id: rNxfcUvK5hzD5Zp1UfyYFc.HO4SajofG
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 352
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13303/bundles/project.js&cfRay=7cd7de41fd25698f-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1d1dce5c-8ae9-4942-bdab-aac39e653f6a
last-modified: Tue, 23 May 2023 08:10:34 UTC
server: cloudflare
etag: W/"bbf4edeb9ca2f6774ea4a317744093aa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-s8xd8
cf-ray: 7cd7e6d7cc959b33-FRA
x-amz-cf-id: lAG0RjTamVQjoFdt0Y4q7WvS3vp_zahUkhdAT-NJPinki8iAQXq1_A==
x-hs-target-asset: conversations-embed/static-1.13303/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ Frame 5E63 6 KB
3 KB 36ms
35ms Script
application/javascript 2606:4700::6810:75be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:75be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 483ec486a8c947a82da6462397dbe386bebab6b2921f517c35e2b9cb53498c89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
x-amz-version-id: UWz6VDoRBzzIc_vph_dNl5MbrO6eX90N
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 128
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.377/bundles/pixels-release.js&cfRay=7cd7e3b829a73a5a-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2a7c9bc6-841c-4b63-bdab-1b576900d41c
last-modified: Mon, 22 May 2023 03:15:08 UTC
server: cloudflare
etag: W/"862fe95a42e7a27927f5d04635cd29ab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xjmf2
cf-ray: 7cd7e6d7d812381f-FRA
x-amz-cf-id: IBcGykNl_IplBtZgkDEH5lHSgtjmzQBFgLaQo1y9PdTZXiBs5KgECw==
x-hs-target-asset: adsscriptloaderstatic/static-1.377/bundles/pixels-release.js

GET
H2 200 feedbackweb-new.js Show response
js.hubspotfeedback.com/ Frame 5E63 28 KB
9 KB 129ms
128ms Script
application/javascript 2606:4700::6811:d839
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hubspotfeedback.com/feedbackweb-new.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d839 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e0d7e7820b47c5b377abf48e51516ddc918faeca14a5d77fffc49f2cdd7a52f

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
x-amz-version-id: aBm0nfEHBkQ2eb6eUkQyfG8KgEDfqsg1
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.14968/bundles/popupInjector.js&cfRay=7cd7e6d7ce482c2d-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-feedback-web-renderer-script-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9f945c7a-052f-4dff-92ba-ab9dcd8fcaee
last-modified: Mon, 08 May 2023 08:10:07 UTC
server: cloudflare
etag: W/"89690e90c9df10fd0a43e02fe1eede6b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xjmf2
cf-ray: 7cd7e6d7ce482c2d-FRA
x-amz-cf-id: I414VBPn6Jcc37dlS9JOyfx_hX7TRzM-i-Zm1Mmor9rIQSi39VkDVA==
x-hs-target-asset: feedback-web-renderer-ui/static-1.14968/bundles/popupInjector.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/2614165/ Frame 5E63 208 KB
63 KB 415ms
414ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/2614165/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2614165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa79ec5ac7aadfa8cb4026239848538c189c195e743eaa8b630a9cff71feff5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
x-amz-version-id: QgZRbbp5xmsOPODlVmqmfsAVtO3abCzB
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: WPFH8PETZA98MMZK
x-amz-server-side-encryption: AES256
x-amz-id-2: R1ANtcYRpPZ1O3lVXzNasTl0c+7iJwH9H74GdRY61ExHUAxWsHGUkmOHB07hcQl+Cb3g4fREUHs=
last-modified: Mon, 17 Apr 2023 15:07:40 GMT
server: cloudflare
etag: W/"04e46f95475a2db19f8320dd9dd742f6"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.zeffy.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7cd7e6d7cb2991e3-FRA
expires: Fri, 26 May 2023 18:02:39 GMT

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 5E63 8 KB
8 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 16:21:45 GMT
x-content-type-options: nosniff
age: 524154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 16:21:45 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5E63 11 KB
11 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 16:59:24 GMT
x-content-type-options: nosniff
age: 521895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 16:59:24 GMT

GET
H2 200 817ceb2512c424ae.css Show response
www.zeffy.com/_next/static/css/ Frame 5E63 87 KB
47 KB 51ms
29ms Fetch
text/css 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/css/817ceb2512c424ae.css

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ba025fe507427992b581796332e1d9becef3d74770c172baa03a69c119bd3ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
accept-language: de-DE,de;q=0.9
baggage: sentry-environment=production,sentry-release=00dcc5178e85f1ec031730b516a7bbccbd815c65,sentry-transaction=%2Fembed%2Fdonation-form%2F%5BdonationFormId%5D,sentry-public_key=781fd8112e4243c1b089f1385fca29eb,sentry-trace_id=e564a7bfa46e43929c68dd4417c08db6,sentry-sample_rate=0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
sentry-trace: e564a7bfa46e43929c68dd4417c08db6-8867d14a2eaeb8f7-0

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 4951129
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 09:54:12 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d81b0e2bda-FRA

GET
H2 200 817ceb2512c424ae.css Show response
www.zeffy.com/_next/static/css/ Frame 7802 87 KB
47 KB 33ms
33ms Fetch
text/css 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/css/817ceb2512c424ae.css

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ba025fe507427992b581796332e1d9becef3d74770c172baa03a69c119bd3ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
accept-language: de-DE,de;q=0.9
baggage: sentry-environment=production,sentry-release=00dcc5178e85f1ec031730b516a7bbccbd815c65,sentry-transaction=%2Fembed%2Fdonation-form%2F%5BdonationFormId%5D,sentry-public_key=781fd8112e4243c1b089f1385fca29eb,sentry-trace_id=7637fb59730f4353bc78a92936406bae,sentry-sample_rate=0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
sentry-trace: 7637fb59730f4353bc78a92936406bae-b2c3b0ad7ce75ef7-0

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 4951129
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Mar 2023 09:54:12 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6d81b232bda-FRA

GET
H2 200 frame-modern.cabb9239.js Show response
js.intercomcdn.com/ Frame 3313 482 KB
135 KB 21ms
20ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.cabb9239.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/w5713re4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

59e918790b0d262732acfddab5547285b261757d9084cc6aa7563a3947274f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: Z_6wqdo05TvqX4lVE0rkeDMd56caA12T
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
date: Fri, 26 May 2023 17:22:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 2121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 137453
last-modified: Fri, 26 May 2023 15:20:33 GMT
server: AmazonS3
etag: "e00839feab82e45c58d28c08424d1434"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: gqZIk5QsosMQ7RNWSqWGGVOpWEgdpA5VeTnLlpercEfJzCh5N4rt4w==

GET
H2 200 vendor-modern.06243fd2.js Show response
js.intercomcdn.com/ Frame 3313 236 KB
73 KB 28ms
27ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.06243fd2.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/w5713re4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

100c7b6365da26112898b6aae3af4bd903d2b567f13f6f797d30356848067f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: xMrha.TBd7bvWKsyowlmy40PjFlyS1RA
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
date: Fri, 26 May 2023 17:32:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 1514
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74286
last-modified: Tue, 23 May 2023 15:30:49 GMT
server: AmazonS3
etag: "1f4f03220c33c5d981f0544f7cb60117"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: vhsmPoOg4QHRHxDYDNAbGSImN66F1LYKxjV_G_WsNHAYqzzgcUwuUw==

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ Frame 7802 64 KB
20 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 May 2023 17:57:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: gkcnwMmhJ0I0vwI/MpNFJy/gwIsGyCMfiPjRbt1cn1p3f6bLR3XD1yWXTPwXYIVZcAWgnVXqWcClipWqp52drw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 2904194103159151 Show response
connect.facebook.net/signals/config/ Frame 7802 75 KB
21 KB 478ms
478ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2904194103159151?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

186df69b12b9aefddeed442da0ca515bec0ccefeb6c592572ead665b1b64923b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 May 2023 17:57:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: gv6HBrjeC6kJV9t1WoSflg5YWCOThert5o4Ts+7HIUzl5Du4fEj1jrNc6V9mytHQtYhacYF6UQoAPN927qRXFA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ Frame 7802 0
11 B 30ms
29ms Image
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=OPT-TD858CV&cv=25&v=3&t=t&pid=96038876&rv=35o0&es=1&e=gtm.init_consent&eid=-1&tc=2&dl=www.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&tdp=OPT-TD858CV;;0;0;0&z=0

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 td
www.googletagmanager.com/ Frame 7802 0
15 B 29ms
28ms Image
image/gif 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=OPT-TD858CV&cv=25&v=3&t=t&pid=96038876&rv=35o0&es=1&e=gtm.init_consent&eid=-1&tc=2&dl=www.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&tdp=OPT-TD858CV;;0;0;0&z=0
Requested by: Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 17:57:39 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ Frame 7802 0
11 B 38ms
37ms Image
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=OPT-TD858CV&cv=25&v=3&t=t&pid=96038876&rv=35o0&es=1&e=gtm.init&eid=0&tc=2&z=0

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ Frame 7802 0
11 B 47ms
46ms Image
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=OPT-TD858CV&cv=25&v=3&t=t&pid=96038876&rv=35o0&es=1&e=gtm.js&eid=1&tc=2&tr=1asprv.5asprv&ti=1asprv.1asprv&z=0

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ Frame 7802 0
11 B 48ms
47ms Image
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=OPT-TD858CV&cv=25&v=3&t=t&pid=96038876&rv=35o0&es=1&e=gtag.config&eid=4&tc=2&z=0

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ Frame 7802 0
11 B 48ms
47ms Image
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=OPT-TD858CV&cv=25&v=3&t=t&pid=96038876&rv=35o0&es=1&e=gtm.historyChange&eid=5&tc=2&z=0

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 5E63 51 KB
20 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-82053185-9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 16:35:34 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4925
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 26 May 2023 18:35:34 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 7802 51 KB
20 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-82053185-9&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 16:35:34 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4925
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 26 May 2023 18:35:34 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ Frame 7802 318 B
962 B 146ms
145ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=2614165&conversations-embed=static-1.13303&mobile=false&messagesUtk=e744b1937e294a229214409adeacabfa&traceId=e744b1937e294a229214409adeacabfa&referrer=https%3A%2F%2Fwww.toadgivesback.org%2F

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5df028ef1f8c9b7c1000aff32164539fef5a3c7b2c014cc31bba19e9cc8666c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d64ffab9-f3d6-4e97-9949-6f45a5467782
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400
content-length: 253
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 23b68334-5118-4aee-bf9d-0e13ed8e39ea
server: cloudflare
x-trace: 2BFDFD01DD9C42675193FD73684DA603024803DC61000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.zeffy.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-s6249
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDYkavyTkgTu0ta3WTLtKcHwjSHVA%2BwLcn2HKIZe8Q9OOanay2XjR6WXCrM29h1pdyqvz99tc8B%2B2msgD5qGTvu963WqyOCmYU4CP8Vbx5L%2Fe%2FNdi3f7uf%2BZfHkj8QHQHRVuuaOscZAoiefRtw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7cd7e6daafd23a85-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 216ms
147ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.zeffy.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6d9bede3a85-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 26 May 2023 17:57:39 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMHtpoHjDzU%2B7HPe4HbyOetiRxuciqfJ6yNzDoglRsmc4scht%2FlGr88x%2Fr3afLv2p%2FtJh62BvtdfTrIk3tyOO0bJ8v8WIz91n7ebPIzdikUOZvQ78XgYeuh705%2B4GCsd4jkihwkEHhTivZ6BpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-hm9x6
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 3aead3ff-6c7c-4881-a3ef-133c85743ab7
x-request-id: f27c51fa-2a11-4d5b-b026-0fb4dcc06445
x-trace: 2B13048D87657FE8704813E63A0595846E6751C8D1000000000000000000

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ Frame 5E63 318 B
1 KB 156ms
155ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=2614165&conversations-embed=static-1.13303&mobile=false&messagesUtk=72f89f870bbf49f8b4541b045360eca4&traceId=72f89f870bbf49f8b4541b045360eca4&referrer=https%3A%2F%2Fwww.toadgivesback.org%2F

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5df028ef1f8c9b7c1000aff32164539fef5a3c7b2c014cc31bba19e9cc8666c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0904479f-037f-478f-ad64-15d01d6f1688
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400
content-length: 253
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a3bf6f8e-9168-4968-a49f-7e51165496d0
server: cloudflare
x-trace: 2B1A2D18CC725C820AC0D9DDDBBBA02DD5BC41BABE000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.zeffy.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-r8kfs
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRll2jeNpd%2BivCnu%2FTzVAjPryHUIzUOQMldaWivaChFxih1QQBZQw%2Bl%2FXr8jlndfsdTgz%2B5XbAX%2Fzkc%2Bwo22BapPPaon8cY%2B%2FZv1wFNO3dCU1Pn8wqwdsKvo%2BJpAmSS79fB2DfZs1ZUtj2qhlg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7cd7e6daafd43a85-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 185ms
148ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.zeffy.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6d9bee13a85-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 26 May 2023 17:57:39 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKj1zVDVO%2BXZBCZfZLjNAlCjyd%2FrnYudN9f5mmot5dwA2kMg9TGtYuJgTHCUKTX%2FEjTPuu2qYGHqe88I0vCBaJsIUOSGX5ruw%2FnM3952HV8y2lTJFT4UaJUgiSQ0zhAlSR%2F9deHICjV9pbHzvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-z9vjn
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 074e021a-cd81-4f85-9483-c28b97ce75f8
x-request-id: 144a5636-09e6-4df9-88d0-af2afa1a8870
x-trace: 2BAAF7E1EC910C52DD818C844A204095E199633427000000000000000000

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 365A 4 KB
2 KB 608ms
377ms XHR
application/json 107.22.31.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.cabb9239.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.22.31.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-22-31-116.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2ab398928e6cba59203c12f49cc1006e325d5d375069e45ca48a474ea6f9159b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-03cfe899041603efb
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0020haj93b1vfs7gtqs0
x-runtime: 0.224364
server: nginx
etag: W/"2ab398928e6cba59203c12f49cc1006e"
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
x-intercom-version: 8510753c0027fa4cafcd5b582c1bbed6143169b9
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ Frame 7802 254 B
1 KB 200ms
137ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=2614165

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2df84f7a02e337c62ec2953b72a6064d5f7a4d18013a8f16ac8d05c96ef6ee92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5ad42fb2-2c11-4b35-97f3-fbef8d1cbe32
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 09c13d00-5965-445a-8199-f0e6d9180926
server: cloudflare
x-trace: 2B737BBB8DD913BC44876504373D7ED6B435305C58000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.zeffy.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-r8kfs
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRIuF6VujVnCMz1wry0x2KGonf%2BIE9mh6e7IfrgI6X9XBjUaqYkn07CR%2BC%2F2CnS3TOcusm%2BfuQ9sbYFhsBMJryKP2oxiIpCZQWa9G8dH8a20B%2FmNJbuh0cfNZPruKP%2FA7dpbIPfVKfvFbAV3"}],"group":"cf-nel","max_age":604800}
cf-ray: 7cd7e6daa8ffbb49-FRA
access-control-allow-headers: *

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ Frame 5E63 71 KB
21 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 May 2023 17:57:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21675
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Q5HlhM3YVhUuAdsP3Be5RPyQwDZo6hr2r08Jw0BG2FKdd53JmY2B9jaMSV5nvkjrpFmCRGfNQXSXD/Qqihultw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 3313 4 KB
2 KB 497ms
394ms XHR
application/json 107.22.31.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.cabb9239.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.22.31.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-22-31-116.compute-1.amazonaws.com

Software

nginx /

Resource Hash

eec6e4163995153f7167a647f632cc32044486a00d9003c2597af06b5e5dde4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-03cfe899041603efb
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 00046ubtta4pn1k115h0
x-runtime: 0.247004
server: nginx
etag: W/"eec6e4163995153f7167a647f632cc32"
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
x-intercom-version: 8510753c0027fa4cafcd5b582c1bbed6143169b9
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ Frame 5E63 254 B
600 B 151ms
150ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=2614165

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2df84f7a02e337c62ec2953b72a6064d5f7a4d18013a8f16ac8d05c96ef6ee92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5b3b7f21-fd9b-43d7-a6b5-de7df3b426be
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2e7d8e1e-d113-4625-85f7-3b7282c1cb25
server: cloudflare
x-trace: 2B2D62FD17A7878A51A2148183F7A8CA5A80BF2CDC000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.zeffy.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-wmk7z
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjg9sbiMTV3CGjmpVJjKp7HllhJ7QBR4%2FSqpullsytRjZEc2kq0OSxzc5zSX%2FQ861PiYlgC%2Bmj63ALVJwt83B6XvrqATjSHDP3JvP1yYdpFUpIME5IPLAUWuPZ7ZkkXhrGk4cqCj7lH7pmA1"}],"group":"cf-nel","max_age":604800}
cf-ray: 7cd7e6daf95ebb49-FRA
access-control-allow-headers: *

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 120ms
119ms Preflight 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6db0a52bb7d-FRA
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 26 May 2023 17:57:39 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 5E63 96 B
207 B 397ms
397ms Fetch
application/json 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87a6f3c4847098454b7694e1b2e880b7e8f112c87a4ee83d852bcadbd42054f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 vegur
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"60-YTP1glKgIIq77LmVM2ZWnD6tuMk"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
vary: Origin
access-control-allow-credentials: true
cf-ray: 7cd7e6dbc8402bda-FRA

POST
H2 200 / Show response
api.amplitude.com/ Frame 5E63 7 B
205 B 592ms
199ms XHR
text/html 52.24.142.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.142.169 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-142-169.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-6470f314-18f5026f4e1551ae01f634cb
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 5E63 978 B
388 B 407ms
406ms Fetch
application/json 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98a015902fd49e782327a389d1f27b930f808ff452ed268bceeda569b55f12e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 vegur
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"3d2-tKc29e8qVyD2Sx1Wtc899v9DWro"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
vary: Origin
access-control-allow-credentials: true
cf-ray: 7cd7e6dbf88b2bda-FRA

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 125ms
125ms Preflight 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6db2a77bb7d-FRA
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 26 May 2023 17:57:39 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 405ms
403ms Preflight 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6db3a7bbb7d-FRA
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 26 May 2023 17:57:40 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 7802 96 B
154 B 138ms
138ms Fetch
application/json 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87a6f3c4847098454b7694e1b2e880b7e8f112c87a4ee83d852bcadbd42054f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 vegur
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"60-YTP1glKgIIq77LmVM2ZWnD6tuMk"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
vary: Origin
access-control-allow-credentials: true
cf-ray: 7cd7e6ddbae22bda-FRA

POST
H2 200 / Show response
api.amplitude.com/ Frame 7802 7 B
204 B 579ms
200ms XHR
text/html 52.24.142.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.142.169 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-142-169.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-6470f314-0f42014072950fc1506e32a8
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 7802 977 B
370 B 124ms
123ms Fetch
application/json 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b54a2b888761e5ba2603171d29053488df7ec6172ecb0b425c229bd9b61bb247

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 vegur
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"3d1-RsgppnFKlQtSy0ZDRaLaDcFifvg"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
vary: Origin
access-control-allow-credentials: true
cf-ray: 7cd7e6ddaad02bda-FRA

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 384ms
384ms Preflight 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6db4a8ebb7d-FRA
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 26 May 2023 17:57:40 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 5E63 0
186 B 81ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2904194103159151&ev=PageView&dl=https%3A%2F%2Fwww.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&rl=https%3A%2F%2Fwww.toadgivesback.org%2F&if=true&ts=1685123859727&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&it=1685123859159&coo=false&eid=1685124756699_16851240883801&tm=1&rqm=GET

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 26 May 2023 17:57:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7802 183 KB
67 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-812495571

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5321f57c25f368531475325c23aaf24d7d0058c2e7f5fd29942011953ecd185d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68165
x-xss-protection: 0
last-modified: Fri, 26 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 17:57:39 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7802 183 KB
67 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-812495571&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

779f2afc1389478e7cb5ccf588a5e6c063bdacaaa2bc0a77ec14ad209266b18e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68173
x-xss-protection: 0
last-modified: Fri, 26 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 17:57:39 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 7802 13 KB
5 KB 138ms
37ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=32810
accept-ranges: bytes
content-length: 4777

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ Frame 7802 71 KB
21 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 May 2023 17:57:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21675
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Q5HlhM3YVhUuAdsP3Be5RPyQwDZo6hr2r08Jw0BG2FKdd53JmY2B9jaMSV5nvkjrpFmCRGfNQXSXD/Qqihultw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
canny.io/ Frame 5E63 95 KB
32 KB 99ms
24ms Script
text/javascript 2600:9000:225e:9400:0:1a32:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://canny.io/sdk.js
Requested by: Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9400:0:1a32:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 469cafc076cc2c1d6edfce6ac1afdb2741251e39daae89493c85298f758047a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 08:27:15 GMT
content-encoding: gzip
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-version-id: cECg9kp3aGN47Qxez69enx_d_kw7IiPP
last-modified: Tue, 09 May 2023 17:55:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 466224
etag: W/"1e365fd6f751ea1b9e83b83aa791c368"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: R8-OUCViGxzQdO49VVx1xV-JMggth_fRnuqz2hG3SytCCtnwrm4Szw==

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame F171 200 B
1 KB 24ms
24ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 463
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 17:49:57 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Thu, 11 May 2023 20:01:43 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id: IYzfJTBObzVVHUvzDHmrYmykgXCMQF3CyHsmtILzfKqVevs9bqQPVw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 feedback-web-fetcher Show response
app.hubspot.com/ Frame 9B6E 1 KB
2 KB 158ms
113ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/feedback-web-fetcher

Requested by

Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

015d3cebad9f035eda71696b7af9ec1c10f49b45fe4619db1e59cf248a503585

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80687
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: HIT
cf-ray: 7cd7e6dc3de03656-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: *.fullstory.com fullstory.com apis.google.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.14968/html/fetcher.html&cfRay=7cd7e6dc3de03656&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Fwww.zeffy.com%2F&cfenv=prod&pdt=2023-05-26&csp=ro
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 17:57:39 GMT
expires: Sat, 27 May 2023 17:57:39 GMT
last-modified: Sat, 06 May 2023 17:20:04 GMT
nel: {"report_to":"nel","max_age":86400}
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=7cd7e6dc3de03656&resource=feedback-web-renderer-ui/static-1.14968/html/fetcher.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-id: PMU-Yty4Iuo9JloYo5rNRFZWjGpcKe0bIMkB52dnNKvj7InM01Ndyg==
x-amz-cf-pop: FRA56-P2
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: rvVygbCVo2q4W34rYvjLbkexWIBeE_mw
x-cache: Hit from cloudfront
x-hs-target-asset: feedback-web-renderer-ui/static-1.14968/html/fetcher.html
x-hs-worker-debug-mode: false

GET
H2 200 __ptq.gif
track.hubspot.com/ Frame 5E63 45 B
1 KB 214ms
153ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1944070336&v=1.1&a=2614165&rcu=https%3A%2F%2Fwww.zeffy.com%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&r=https%3A%2F%2Fwww.toadgivesback.org%2F&pu=https%3A%2F%2Fwww.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&t=Donate&cts=1685123859820&vi=27a694499ec21521337da8ba11d1da6a&nc=true&cc=15

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0403d765-55a7-405d-91b8-5ae279e71c0b
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4e666e86-3a23-4084-aae6-aada0eabf2d4
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bS1YHxe47aLYZHVV%2FVdk4HFoPrEY3%2FWf5pw%2BbjjsyST83EOLUaOfPYh0W8tNNDdkM0RgHhRAtbELVSQ7huxlZULvuciN0ipHqxcYLLHZlrkX1leFtzKa5Up0fEbJmKdaL6W9%2FT3RnKqo%2B%2BZZLqf"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-nzmfg
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7cd7e6dc5938bbec-FRA
x-robots-tag: none

POST
H2 204 rum Show response
www.zeffy.com/cdn-cgi/ Frame 5E63 0
155 B 42ms
42ms XHR
text/plain 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/cdn-cgi/rum?

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.zeffy.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7cd7e6dc08a12bda-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 5E63 183 KB
67 KB 45ms
43ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-812495571

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5321f57c25f368531475325c23aaf24d7d0058c2e7f5fd29942011953ecd185d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68165
x-xss-protection: 0
last-modified: Fri, 26 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 17:57:39 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 5E63 183 KB
67 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-812495571&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KKWPQK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31853a31c9337ac52c7fa8d0324f78f9374781d6fe442c4d4dde8d39f4963e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68170
x-xss-protection: 0
last-modified: Fri, 26 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 17:57:39 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 5E63 13 KB
5 KB 58ms
36ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=32810
accept-ranges: bytes
content-length: 4777

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F171 631 B
1 KB 23ms
23ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 26 May 2023 17:55:42 GMT
x-content-type-options: nosniff
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 118
x-cache: Hit from cloudfront
content-length: 631
last-modified: Thu, 25 May 2023 20:16:52 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 2tYJ0KMoyUQBto_rRjQ7mx50IAwzt7ponT_2N4NN7MN0LP34MoXNlA==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/812495571/ Frame 7802 3 KB
2 KB 88ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812495571/?random=1685123859882&cv=11&fst=1685123859882&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&ref=https%3A%2F%2Fwww.toadgivesback.org%2F&hn=www.googleadservices.com&frm=2&tiba=Donate&did=dZTQ1Zm&gdid=dZTQ1Zm&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-812495571

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1ddbe85c8992796744327d5f40ee59e7d55cb37446cff940362bdcc04be0a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 17:57:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1374
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 7802 0
31 B 21ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2904194103159151&ev=PageView&dl=https%3A%2F%2Fwww.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&rl=https%3A%2F%2Fwww.toadgivesback.org%2F&if=true&ts=1685123859895&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&it=1685123859288&coo=false&eid=1685124756699_16851242988801&tm=1&rqm=GET

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 26 May 2023 17:57:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F171 0
718 B 829ms
192ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123860689212
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1685123860688652
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F171 0
717 B 830ms
193ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123860688991
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1685123860688748
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 6E62 930 B
2 KB 320ms
21ms Document
text/html 2600:9000:2057:3800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 294
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 17:52:47 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: QF5Mlu7o-aFdfyme3Rhx1rGVJcBRE9dbDvxahjTxI30SD2KtopViXQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/812495571/ Frame 5E63 3 KB
2 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812495571/?random=1685123860048&cv=11&fst=1685123860048&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&ref=https%3A%2F%2Fwww.toadgivesback.org%2F&hn=www.googleadservices.com&frm=2&tiba=Donate&did=dZTQ1Zm&gdid=dZTQ1Zm&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-812495571&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a3b07a226652dc02148dfaec3a74c4bc80a6397d115c2b0039b984bf7992663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 17:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1368
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ Frame 5E63 0
11 B 37ms
36ms Image
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-812495571&cv=1&v=3&t=t&pid=2048015263&rv=35o0&es=1&e=gtm.init_consent&eid=-1&h=Ag&tc=2&dl=www.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&tdp=AW-812495571;;0;2;0&z=0

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 td
www.googletagmanager.com/ Frame 5E63 0
15 B 33ms
31ms Image
image/gif 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=AW-812495571&cv=1&v=3&t=t&pid=2048015263&rv=35o0&es=1&e=gtm.init_consent&eid=-1&h=Ag&tc=2&dl=www.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&tdp=AW-812495571;;0;2;0&z=0
Requested by: Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 17:57:40 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ Frame 5E63 0
11 B 50ms
49ms Image
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-812495571&cv=1&v=3&t=t&pid=2048015263&rv=35o0&es=1&e=gtm.init&eid=0&h=Ag&tc=2&tr=1ccdpreautopii&ti=2ccdpreautopii&z=0

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ Frame 5E63 0
11 B 50ms
48ms Image
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-812495571&cv=1&v=3&t=t&pid=2048015263&rv=35o0&es=1&e=gtm.js&eid=1&h=Ag&tc=2&tr=1rep&ti=1rep&z=0

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ Frame 5E63 0
11 B 50ms
48ms Image
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-812495571&cv=1&v=3&t=t&pid=2048015263&rv=35o0&es=1&e=gtag.config&eid=4&h=Ag&tc=2&z=0

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ Frame 5E63 0
11 B 49ms
48ms Image
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-812495571&cv=1&v=3&t=t&pid=2048015263&rv=35o0&es=1&e=gtm.historyChange&eid=5&h=Ag&tc=2&z=0

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 fetcher.js Show response
static.hsappstatic.net/feedback-web-renderer-ui/static-1.14968/bundles/ Frame 9B6E 16 KB
7 KB 87ms
33ms Script
application/javascript 2606:4700::6812:8e65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.14968/bundles/fetcher.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8e65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e1176776ebd9c37e9adcb630edde5d61671b36fb84a1ed689aec86398786692

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
x-amz-version-id: XSo33sEccvirj6XMkRBwweH61RvklUFV
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1590441
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 06 May 2023 17:20:03 GMT
server: cloudflare
etag: W/"f30ccf76c1fab9108cc77ac03d2a4698"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbfxpxff36B7j2qiRKnzp9ot0ZMb1uEKFu0c6xfyKZSYi7H7I7d0Q7wNyteYgu%2FhWhFA8RTjjo89cKaqrkXHqgSCiFfDJpA5TOYOBg1ldIvWnop%2Fiod31mg6yksMI7oCiQz2STqMZcRfvk2FxOyIfrHQcLg%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7cd7e6ddfd0d372d-FRA
x-amz-cf-id: hWqPUsbLd6K3pslcZ6vXwhzyyoMDT01G56vj1wbMtzan36umI6CjpA==
expires: Sat, 25 May 2024 17:57:40 GMT

GET token
cdn.linkedin.oribi.io/partner/4140793/domain/zeffy.com/ Frame 7802 0
0

GET
H2

200

collect
px4.ads.linkedin.com/ Frame 7802
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860108&url=https%3A%2F%2Fwww.toadgivesback.org%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860108&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4140793%26time%3D1685123860108%26url%3Dhttps%253A%252F%252Fwww.toadgivesback.org%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860108&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860108&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQJZh5PXcg9XoAAAAYhZNY11HHc7gM5zeeEOcrc...

0
144 B

250ms
187ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860108&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQJZh5PXcg9XoAAAAYhZNY11HHc7gM5zeeEOcrcXFbG3UYwOrNOnCbSUQXALciVKbYJhHhozHBcpqw
Requested by: Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:42 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B2E07199BB2F474BBAC27314D88DFAFD Ref B: FRAEDGE1116 Ref C: 2023-05-26T17:57:42Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX8nHk3OXBETVUhOGo8Tg==

Redirect headers

date: Fri, 26 May 2023 17:57:41 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 3906798A7E8E451E8BE14AC9B9FD4E3B Ref B: FRAEDGE1821 Ref C: 2023-05-26T17:57:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860108&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQJZh5PXcg9XoAAAAYhZNY11HHc7gM5zeeEOcrcXFbG3UYwOrNOnCbSUQXALciVKbYJhHhozHBcpqw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX8nHkweEZ/uAMcilmvig==

GET token
cdn.linkedin.oribi.io/partner/4140793/domain/zeffy.com/ Frame 5E63 0
0

GET
H2

200

collect
px4.ads.linkedin.com/ Frame 5E63
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860113&url=https%3A%2F%2Fwww.toadgivesback.org%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860113&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4140793%26time%3D1685123860113%26url%3Dhttps%253A%252F%252Fwww.toadgivesback.org%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860113&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860113&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQL9pzLzjyG5-wAAAYhZNY17yZDCe06ENRPpzVD...

0
265 B

175ms
168ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860113&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQL9pzLzjyG5-wAAAYhZNY17yZDCe06ENRPpzVDzEy70ZsuooHRdy3zdqOlaSaTCHhpwanlNYB8XMg
Requested by: Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:42 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A073CB454E564841AA12DAE53DF57C43 Ref B: FRAEDGE1116 Ref C: 2023-05-26T17:57:42Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX8nHk3PkjIkEaXDr4AdA==

Redirect headers

date: Fri, 26 May 2023 17:57:41 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8CCDF77C098947CB850E6E1CE6C4A362 Ref B: FRAEDGE1821 Ref C: 2023-05-26T17:57:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4140793&time=1685123860113&url=https%3A%2F%2Fwww.toadgivesback.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQL9pzLzjyG5-wAAAYhZNY17yZDCe06ENRPpzVDzEy70ZsuooHRdy3zdqOlaSaTCHhpwanlNYB8XMg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX8nHkwlOkIjihM6iuynA==

GET
H2 200 /
www.google.com/pagead/1p-user-list/812495571/ Frame 7802 42 B
455 B 91ms
35ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/812495571/?random=1685123859882&cv=11&fst=1685120400000&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&ref=https%3A%2F%2Fwww.toadgivesback.org%2F&frm=2&tiba=Donate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4130571361&rmt_tld=0&ipr=y

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 17:57:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/812495571/ Frame 7802 42 B
455 B 87ms
31ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/812495571/?random=1685123859882&cv=11&fst=1685120400000&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&ref=https%3A%2F%2Fwww.toadgivesback.org%2F&frm=2&tiba=Donate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4130571361&rmt_tld=1&ipr=y

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 17:57:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/812495571/ Frame 5E63 42 B
108 B 86ms
36ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/812495571/?random=1685123860048&cv=11&fst=1685120400000&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&ref=https%3A%2F%2Fwww.toadgivesback.org%2F&frm=2&tiba=Donate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1483031248&rmt_tld=0&ipr=y

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 17:57:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/812495571/ Frame 5E63 42 B
108 B 86ms
36ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/812495571/?random=1685123860048&cv=11&fst=1685120400000&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&ref=https%3A%2F%2Fwww.toadgivesback.org%2F&frm=2&tiba=Donate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1483031248&rmt_tld=1&ipr=y

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 May 2023 17:57:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-config Show response
feedback.hubapi.com/feedback/public/v1/ Frame 9B6E 36 B
572 B 163ms
163ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feedback.hubapi.com/feedback/public/v1/web-config?portalId=2614165&utk=27a694499ec21521337da8ba11d1da6a&bundleVersion=1.14968&currentUrl=https%3A%2F%2Fwww.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&pageUrl=https%3A%2F%2Fwww.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.14968/bundles/fetcher.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-HS-Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Response headers

x-origin-hublet: na1
date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 1894bec6-cd54-4102-a0a2-6be028e3d345
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400
content-length: 36
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2fc34d7c-5c92-406f-8865-8f97340580af
server: cloudflare
x-trace: 2B1514072DE7D6A634DF92E80F3AAABF62B98A8DFC000000000000000000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2Fgdpx2ahSIEvkuTUz8V4Fisi2uVjtRSQaZsQSu8%2BUCvEYFGR2C0BuNxYWIIhJjTFSYRpx81DPJWUVpQlMEvVyevbGfCE9DjgoZGTSZMmwBSLyip4rKdxAKFQ%2BhAcKjZqWSgq5YDbIlZR0AEATJnUoI%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubapi-td/envoy-proxy-64bd8c87f9-bl4cv
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
cf-ray: 7cd7e6df3e70bb49-FRA

OPTIONS
H2 200 web-config
feedback.hubapi.com/feedback/public/v1/ Frame 0
0 149ms
130ms Preflight
text/plain 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hs-referer
Access-Control-Request-Method: GET
Origin: https://app.hubspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6de5d52bb49-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 26 May 2023 17:57:40 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEWd6H7h09huG2jzII7BukejplXvrS6twci%2BhrgWlNavsaRcPq8ydBCaZgy8ylMLlHqHdLj%2Bj%2FJv9625pnB4xFq4SSiU9wtojGTD04wXGX5X0uQuhjIbaHxKX7MOnG%2BZmbfSl%2BveWnglyTAJBVTEU1w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/star-hubapi-td/envoy-proxy-64bd8c87f9-m4zxx
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 3e0c1994-273d-4483-8292-de47ca91d6aa
x-request-id: f89d10ed-5911-4b79-ac0b-a869ba474fcd
x-trace: 2BB581384DEA33AC8BC3BE2A5F108533565D582137000000000000000000

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 126ms
126ms Preflight 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6dea803bb7d-FRA
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 26 May 2023 17:57:40 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 124ms
124ms Preflight 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6deb817bb7d-FRA
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 26 May 2023 17:57:40 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 6619-fcf8f082faebe8d1.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 8 KB
3 KB 31ms
30ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/6619-fcf8f082faebe8d1.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/webpack-adc38da9f187b2d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

06720d10516bbb7bba1aaf635d010448544712f372759ad10eef6c433ef61673

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 593564
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2023 20:49:45 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6deac252bda-FRA

GET
H2 200 7808-54e5f8a36a7f20de.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 93 KB
23 KB 34ms
33ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7808-54e5f8a36a7f20de.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/webpack-adc38da9f187b2d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d9774f047203a7e3ea234c76f907b23747d48a0316e70d8a185f0be49e23b217

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 805278
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2023 08:17:26 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6deac282bda-FRA

GET
H2 200 4695-7a70f46bb578d4f1.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 54 KB
18 KB 34ms
33ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/4695-7a70f46bb578d4f1.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/webpack-adc38da9f187b2d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

56dba4647aaebc3b820748438795cbcc4ff050d96e12eb84162c890a3b4782c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 72267
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 25 May 2023 12:19:41 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6deac292bda-FRA

GET
H2 200 7893.7803c45d00f69e35.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 8 KB
3 KB 31ms
30ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7893.7803c45d00f69e35.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/webpack-adc38da9f187b2d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

25bb4402ed7b742e845ee12e3c558aca458024d23e4423424c64c6b45ac4a315

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 880104
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 16 May 2023 09:42:48 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6deac2a2bda-FRA

GET
H2 200 5895.d3311884dff2bbeb.js Show response
www.zeffy.com/_next/static/chunks/ Frame 5E63 19 KB
7 KB 32ms
32ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/5895.d3311884dff2bbeb.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/webpack-adc38da9f187b2d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

cee3e4d999319151b1cfb268b0df749fdadf1ddc8ffe750172655f691c24d9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 430048
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2023 20:49:45 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6deac2b2bda-FRA

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 5E63 150 B
201 B 188ms
188ms Fetch
application/json 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

238ee977afa9bcb505ce5dc8de24954033006dc6a5f502ce9c44ab22deeb383c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 vegur
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"96-Uwtj5Dcnd3w2009n6F/oNlwAGLw"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
vary: Origin
access-control-allow-credentials: true
cf-ray: 7cd7e6df7d392bda-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 5E63 884 B
779 B 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcuejsmAAAAADR3hxzFf3qF5vhfEEb0XzikZ5F3

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/8375-bb7f99d8939fc8d2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2c1acb8c394a4d0a40ce87c7aac1234ada60f189837486454660543702484290

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
x-xss-protection: 1; mode=block
expires: Fri, 26 May 2023 17:57:40 GMT

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 5E63 163 B
221 B 205ms
204ms Fetch
application/json 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be74a3755fa61278b4e2f35b103b938e03e06e0db310f00a4d9b769450b05dbe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 vegur
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"a3-7XUvC9IFfE3yxJ9sYDDuoaP2v8A"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
vary: Origin
access-control-allow-credentials: true
cf-ray: 7cd7e6df7d3d2bda-FRA

GET
H2 200 zeffy-logo.png
www.zeffy.com/images/ Frame 5E63 46 KB
46 KB 564ms
564ms Image
image/png 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zeffy.com/images/zeffy-logo.png

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c36acfc4be8f27d682f3c464bbe698dfb52f2552a5bc7565568aca71d02d7490

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: EXPIRED
via: 1.1 vegur
x-powered-by: Express
x-dns-prefetch-control: on
content-length: 46643
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:22:05 GMT
server: cloudflare
etag: 83877da3-ef06-4bf1-acce-d33ec09dae50
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 7cd7e6debc402bda-FRA

GET
H2 200 controller-7df197522808da55e5d22200d24cd9ed.html Show response
js.stripe.com/v3/ Frame 8717 325 B
1 KB 23ms
23ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-7df197522808da55e5d22200d24cd9ed.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1c10ae869becf59d8542701ca484e03ed89d94a93d751fe0dd269d92c1783f9d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 18
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 17:57:23 GMT
etag: "7df197522808da55e5d22200d24cd9ed"
last-modified: Thu, 25 May 2023 20:16:39 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id: wW9QAyikUINqNG7b1G1Hc6PecPw2MuU0xGlBeYJLS7G4tVrKzUmhiQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5E63 11 KB
11 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 16:59:24 GMT
x-content-type-options: nosniff
age: 521896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11072
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 16:59:24 GMT

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 5E63 8 KB
8 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:04:34 GMT
x-content-type-options: nosniff
age: 499986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 23:04:34 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5E63 11 KB
11 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 01:47:19 GMT
x-content-type-options: nosniff
age: 231021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11040
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 May 2024 01:47:19 GMT

GET
H2 200 elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html Show response
js.stripe.com/v3/ Frame 73BC 798 B
2 KB 25ms
23ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

bf95f28fc508ef4c0f78c582791612b04e058664266a253c9c50009099f75649

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2295
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 17:19:26 GMT
etag: "6f9bdc7c8d1170b70033e70dbb11211e"
last-modified: Thu, 25 May 2023 20:16:39 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id: 7jwhsIsxOk366a0HzWQPn36ylsnFpfE3X7RR1YR_-LOyCTfm1CGWXw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 heart-light-static.svg
www.zeffy.com/images/ Frame 5E63 2 KB
959 B 414ms
414ms Image
image/svg+xml 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zeffy.com/images/heart-light-static.svg

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5a1cd3226c2244f0c46a1a6d143059a1d07f8f76b08ee7628439cb0826973a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
via: 1.1 vegur
content-encoding: br
x-powered-by: Express
x-dns-prefetch-control: on
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:22:05 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
cf-ray: 7cd7e6df3ce72bda-FRA

GET
H3 200 a
www.googletagmanager.com/ Frame 7802 0
11 B 31ms
31ms Image
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=OPT-TD858CV&cv=25&v=3&t=t&pid=96038876&rv=35o0&es=1&e=gtag.config&eid=20&u=Ag&h=Ag&tc=2&z=0

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 / Show response
api.amplitude.com/ Frame 5E63 7 B
205 B 357ms
356ms XHR
text/html 52.24.142.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.142.169 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-142-169.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-6470f314-3a4dafbb3dfbed01784ee858
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 / Show response
api.amplitude.com/ Frame 7802 7 B
205 B 389ms
387ms XHR
text/html 52.24.142.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.142.169 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-142-169.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-6470f314-0e3abe33279d49d460ab8d59
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H3 200 KFOmCnqEu92Fr1Me5g.woff
fonts.gstatic.com/s/roboto/v30/ Frame 5E63 64 KB
64 KB 21ms
21ms Font
font/woff 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Me5g.woff

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41533d5c6eab361631aa3cf8bf7b8a2e6babfcc42a1aa950b2b0cd80c109b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 21:38:38 GMT
x-content-type-options: nosniff
age: 505142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65456
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 21:38:38 GMT

GET
H2 200 shared-ee6e6c3db425cbe016efc1cb92a8cfca.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8717 437 KB
99 KB 24ms
23ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-7df197522808da55e5d22200d24cd9ed.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

fcdb8271bf8bbee00cde6e546f7c648a743d92d974dcc6374050031e9b74d616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-7df197522808da55e5d22200d24cd9ed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:19:11 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2333
x-cache: Hit from cloudfront
last-modified: Thu, 25 May 2023 20:16:52 GMT
server: Cloudfront
etag: W/"cc96e6203fd59a66bf1c564fbdcb1218"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5QEH2cz7bX2OaGYIYPqk2BuDwAidm9jgtqv2rt_BR8xoCMxLjrQvRA==

GET
H2 200 controller-7fb5dc78fb40512faf1c74ca8de0df0a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8717 463 KB
114 KB 24ms
24ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-7fb5dc78fb40512faf1c74ca8de0df0a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-7df197522808da55e5d22200d24cd9ed.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

48b6989b809be5ece1bc768133405dfaee3081fae204ebf8b9d26ff0fd1fc18c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-7df197522808da55e5d22200d24cd9ed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:25:59 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1905
x-cache: Hit from cloudfront
last-modified: Thu, 25 May 2023 20:16:49 GMT
server: Cloudfront
etag: W/"ba2d933c7533e9966acc1e729869577a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: -dM4pjwvUABzi_MV0_PrV03FhzqhB2E1_g9Ln-4QrMiT4-aFz86_sQ==

POST
H2 200 csp-report
q.stripe.com/ Frame 6E62 0
491 B 388ms
194ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123860689263
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1685123860688709
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 6E62 86 KB
14 KB 26ms
25ms Script
text/javascript 2600:9000:2057:3800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:57:15 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 26
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: LABcisFNipMyA0vP2696ND1YQrXbTUOHUpo3G3TYN2WuxDJ4jqf26A==

GET
H2 200 shared-ee6e6c3db425cbe016efc1cb92a8cfca.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 73BC 437 KB
99 KB 38ms
37ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

fcdb8271bf8bbee00cde6e546f7c648a743d92d974dcc6374050031e9b74d616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:19:11 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2333
x-cache: Hit from cloudfront
last-modified: Thu, 25 May 2023 20:16:52 GMT
server: Cloudfront
etag: W/"cc96e6203fd59a66bf1c564fbdcb1218"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: -H3HsCduQy2gaDIbTo4lkyTOPkikYRBkE5i-Lnwx7MmXumTyDbmIbw==

GET
H2 200 ui-shared-b7a71005bfa2c75d7581033f19e14cc3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 73BC 292 KB
84 KB 25ms
24ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-b7a71005bfa2c75d7581033f19e14cc3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

007d69a967089fb4f05d4467f29142c9daf64debc278f2dcf1ff46e42b011a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:05:54 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3112
x-cache: Hit from cloudfront
last-modified: Wed, 24 May 2023 20:03:18 GMT
server: Cloudfront
etag: W/"c140db2da7bf196c57d5e39fc2ce92f3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: -rmW9ByM4fx0mD2O3xIowrkuJCqNqgom1ju9ZHaeZPLcjMc93owafg==

GET
H2 200 elements-inner-card-46495f7ae052a34714a8f92e537d7694.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 73BC 47 KB
12 KB 40ms
23ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-46495f7ae052a34714a8f92e537d7694.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e81f19c411ca426eb18545f42ad86883f22d74066813e555614c6e9c154a6aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:53:04 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 286
x-cache: Hit from cloudfront
last-modified: Mon, 22 May 2023 17:03:33 GMT
server: Cloudfront
etag: W/"9159d547b79be89b9114d75ab89d9cab"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 41-EZVmC-OSnpZEPACHfyQB3mJz1qqAyEt5aA6vOQmHmzaV4kP549A==

GET
H2 200 ui-shared-854346c6b614d58b584f5952dfb9d8a4.css
js.stripe.com/v3/fingerprinted/css/ Frame 73BC 19 KB
3 KB 25ms
25ms Stylesheet
text/css 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-854346c6b614d58b584f5952dfb9d8a4.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b3cbf928677d9114d2a50ca02ce7bfb5a970497bc6a656ff9f9b43630eab4391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:25:01 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1966
x-cache: Hit from cloudfront
last-modified: Fri, 12 May 2023 20:05:33 GMT
server: Cloudfront
etag: W/"11a669536417e8d34f1380706387c344"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Y0cZ8RwuFDZTWA83AK6SwjZSyeDZhgKwBSDTlAD3OeBrbd1TVe26UA==

GET
H2 200 elements-inner-card-b72655151ff5e05f6d1145fa00cc430e.css
js.stripe.com/v3/fingerprinted/css/ Frame 73BC 10 KB
2 KB 37ms
37ms Stylesheet
text/css 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-b72655151ff5e05f6d1145fa00cc430e.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2745b1f2a690e7e24d6205017cc4f1540e2379bed3126c7b9c9d15f5953b7f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:11:36 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2768
x-cache: Hit from cloudfront
last-modified: Fri, 19 May 2023 20:12:34 GMT
server: Cloudfront
etag: W/"fa1949959c95f88c0f5d277059cb83cc"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: SxK171zx6Ml_DYSEdQXY09OwmIRehyz9rl3pfqgpyRdACixMMlvTnw==

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 127ms
123ms Preflight 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6e03ab7bb7d-FRA
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 26 May 2023 17:57:40 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

OPTIONS
H2 204 graphql
api.zeffy.com/ Frame 0
0 127ms
127ms Preflight 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zeffy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.zeffy.com
cf-cache-status: DYNAMIC
cf-ray: 7cd7e6e04ad6bb7d-FRA
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 26 May 2023 17:57:40 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 zeffy-logo.png
www.zeffy.com/images/ Frame 7802 46 KB
46 KB 578ms
577ms Image
image/png 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zeffy.com/images/zeffy-logo.png

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/framework-f71663e0aec1c55a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c36acfc4be8f27d682f3c464bbe698dfb52f2552a5bc7565568aca71d02d7490

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:41 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: EXPIRED
via: 1.1 vegur
x-powered-by: Express
x-dns-prefetch-control: on
content-length: 46643
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:22:05 GMT
server: cloudflare
etag: 83877da3-ef06-4bf1-acce-d33ec09dae50
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 7cd7e6dfede12bda-FRA

GET
H2 200 6619-fcf8f082faebe8d1.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 8 KB
3 KB 36ms
30ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/6619-fcf8f082faebe8d1.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/webpack-adc38da9f187b2d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

06720d10516bbb7bba1aaf635d010448544712f372759ad10eef6c433ef61673

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 593564
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2023 20:49:45 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6e03e492bda-FRA

GET
H2 200 7808-54e5f8a36a7f20de.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 93 KB
23 KB 39ms
33ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7808-54e5f8a36a7f20de.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/webpack-adc38da9f187b2d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d9774f047203a7e3ea234c76f907b23747d48a0316e70d8a185f0be49e23b217

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 805278
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2023 08:17:26 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6e03e4b2bda-FRA

GET
H2 200 4695-7a70f46bb578d4f1.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 54 KB
18 KB 37ms
31ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/4695-7a70f46bb578d4f1.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/webpack-adc38da9f187b2d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

56dba4647aaebc3b820748438795cbcc4ff050d96e12eb84162c890a3b4782c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 72267
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 25 May 2023 12:19:41 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6e03e4d2bda-FRA

GET
H2 200 7893.7803c45d00f69e35.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 8 KB
3 KB 38ms
32ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/7893.7803c45d00f69e35.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/webpack-adc38da9f187b2d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

25bb4402ed7b742e845ee12e3c558aca458024d23e4423424c64c6b45ac4a315

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 880104
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 16 May 2023 09:42:48 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6e03e4e2bda-FRA

GET
H2 200 5895.d3311884dff2bbeb.js Show response
www.zeffy.com/_next/static/chunks/ Frame 7802 19 KB
7 KB 36ms
32ms Script
application/javascript 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zeffy.com/_next/static/chunks/5895.d3311884dff2bbeb.js

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/webpack-adc38da9f187b2d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

cee3e4d999319151b1cfb268b0df749fdadf1ddc8ffe750172655f691c24d9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 vegur
age: 430048
x-powered-by: Express
x-dns-prefetch-control: on
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2023 20:49:45 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7cd7e6e03e502bda-FRA

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 7802 150 B
222 B 170ms
165ms Fetch
application/json 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

238ee977afa9bcb505ce5dc8de24954033006dc6a5f502ce9c44ab22deeb383c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 vegur
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"96-Uwtj5Dcnd3w2009n6F/oNlwAGLw"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
vary: Origin
access-control-allow-credentials: true
cf-ray: 7cd7e6e11f692bda-FRA

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 7802 884 B
608 B 49ms
47ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcuejsmAAAAADR3hxzFf3qF5vhfEEb0XzikZ5F3

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/8375-bb7f99d8939fc8d2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2c1acb8c394a4d0a40ce87c7aac1234ada60f189837486454660543702484290

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
x-xss-protection: 1; mode=block
expires: Fri, 26 May 2023 17:57:40 GMT

POST
H2 200 graphql Show response
api.zeffy.com/ Frame 7802 163 B
600 B 212ms
210ms Fetch
application/json 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.zeffy.com/graphql

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa97461ac082343d29391e63c42a0408bafa92665618d10ac16397bea10fbc96

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: */*
Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 vegur
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"a3-QJbUZZTwmw2REpUuDbFLkQNDhOU"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zeffy.com
vary: Origin
access-control-allow-credentials: true
cf-ray: 7cd7e6e11f6f2bda-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame 5E63 410 KB
165 KB 96ms
24ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcuejsmAAAAADR3hxzFf3qF5vhfEEb0XzikZ5F3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 10:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168302
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 10:19:46 GMT

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ul6kt/0x4AAAAAAAE2JblGG6mbzUtx/auto/ Frame 4E66 24 KB
7 KB 65ms
64ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ul6kt/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d253a2c36f4718fb19e763572aaa9e12b2816768f2f44d6b86b895ac03b84630

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7cd7e6e08d79917c-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 17:57:40 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/yeipj/0x4AAAAAAAE2JblGG6mbzUtx/auto/ Frame 144E 24 KB
7 KB 43ms
43ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/yeipj/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

232824570a0dcb796ca8e72a70cbc979d27f927c9465baa559685a94c911d10a

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7cd7e6e08d7a917c-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 17:57:40 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fddib/0x4AAAAAAAE2JblGG6mbzUtx/auto/ Frame EBE5 24 KB
7 KB 42ms
41ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fddib/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5142e9458a5d53581a643bfb067c6d2eb8d41bd03bc0611fc9cfeab3e00eb08e

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7cd7e6e09d7f917c-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 17:57:40 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/htaqz/0x4AAAAAAAE2JblGG6mbzUtx/auto/ Frame A181 24 KB
7 KB 72ms
71ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/htaqz/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b44651fcfe6284ea11667b84e1d8cd3bdea7ff239f051865cb07746e84ff85ff

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7cd7e6e09d80917c-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 17:57:40 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H2 200 controller-7df197522808da55e5d22200d24cd9ed.html Show response
js.stripe.com/v3/ Frame 2CF7 325 B
1 KB 25ms
24ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-7df197522808da55e5d22200d24cd9ed.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1c10ae869becf59d8542701ca484e03ed89d94a93d751fe0dd269d92c1783f9d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 18
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 17:57:23 GMT
etag: "7df197522808da55e5d22200d24cd9ed"
last-modified: Thu, 25 May 2023 20:16:39 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id: OqJPNhz3LTHsZGZtcis-C2nn1SQo7p2OVeSxS1UOzl-b6dogZX_DEA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 heart-light-static.svg
www.zeffy.com/images/ Frame 7802 2 KB
858 B 310ms
309ms Image
image/svg+xml 2606:4700:10::6816:18cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zeffy.com/images/heart-light-static.svg

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/framework-f71663e0aec1c55a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:18cd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5a1cd3226c2244f0c46a1a6d143059a1d07f8f76b08ee7628439cb0826973a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: EXPIRED
via: 1.1 vegur
content-encoding: br
x-powered-by: Express
x-dns-prefetch-control: on
x-xss-protection: 1; mode=block
last-modified: Fri, 26 May 2023 08:22:05 GMT
server: cloudflare
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
cf-ray: 7cd7e6e0df0d2bda-FRA

GET
H2 200 elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
js.stripe.com/v3/ Frame EF02 0
0 23ms
22ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2295
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 17:19:26 GMT
etag: "6f9bdc7c8d1170b70033e70dbb11211e"
last-modified: Thu, 25 May 2023 20:16:39 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id: JBTeyj9gDbKjis_kYTzVqu62n_cGO66WeU-ZwV9veqtgZt0XYR2FhQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 8717 0
717 B 531ms
520ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123860885003
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1685123860883599
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 73BC 0
717 B 530ms
519ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123860884210
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1685123860883850
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 73BC 0
717 B 529ms
518ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 May 2023 17:57:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123860879108
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1685123860878595
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 144E 152 KB
55 KB 38ms
37ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7e6e08d7a917c
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/yeipj/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dfd74bb515ea02cc6db83b2e78d725af4b5b34fc087ee8b304ebce9a5c5d725

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/yeipj/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:41 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7cd7e6e6cec2917c-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame EBE5 158 KB
57 KB 62ms
62ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7e6e09d7f917c
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fddib/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75aa3d53c71a8fa434eb7eaa1cfb9896babc1413026e4cefc71f923420f6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fddib/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:41 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7cd7e6e6deca917c-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
H2 200 elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
js.stripe.com/v3/ Frame 206A 0
0 37ms
36ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2296
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 17:19:26 GMT
etag: "6f9bdc7c8d1170b70033e70dbb11211e"
last-modified: Thu, 25 May 2023 20:16:39 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id: HRzsp7U8RN-MWLlenVUYQIJ7T-IK9FXSySehI1yQ7YBOrQshvuYnpA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 a
www.googletagmanager.com/ Frame 5E63 0
11 B 82ms
82ms Image
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-812495571&cv=1&v=3&t=t&pid=2048015263&rv=35o0&e=gtm.js&eid=1&u=AgAAAAAAAAAAAIA&h=Ag&tc=2&tr=5ccdpreautopii.5rep&epr=1AW&ti=2ccdpreautopii.1rep&z=0

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:41 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 shared-ee6e6c3db425cbe016efc1cb92a8cfca.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2CF7 437 KB
99 KB 34ms
34ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-7df197522808da55e5d22200d24cd9ed.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

fcdb8271bf8bbee00cde6e546f7c648a743d92d974dcc6374050031e9b74d616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-7df197522808da55e5d22200d24cd9ed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:19:11 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2334
x-cache: Hit from cloudfront
last-modified: Thu, 25 May 2023 20:16:52 GMT
server: Cloudfront
etag: W/"cc96e6203fd59a66bf1c564fbdcb1218"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: JoH0tuxfnAmseoF2Lpu87cOmkn4gQ2-Z4k1QhDZwvF04LPtQwW_YjA==

GET
H2 200 controller-7fb5dc78fb40512faf1c74ca8de0df0a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2CF7 463 KB
114 KB 38ms
38ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-7fb5dc78fb40512faf1c74ca8de0df0a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-7df197522808da55e5d22200d24cd9ed.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

48b6989b809be5ece1bc768133405dfaee3081fae204ebf8b9d26ff0fd1fc18c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-7df197522808da55e5d22200d24cd9ed.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:25:59 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1906
x-cache: Hit from cloudfront
last-modified: Thu, 25 May 2023 20:16:49 GMT
server: Cloudfront
etag: W/"ba2d933c7533e9966acc1e729869577a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: a05aRTXn3gpxk2BPXi2FGN1Edtg_RpCL3flnyx6gE2NlhBG3zlSxdA==

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 4E66 157 KB
57 KB 36ms
34ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7e6e08d79917c
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ul6kt/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a950c1f3717b4e1c155d7c65ae0ab8260451d588802a82b2ed664e59b4c8b85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ul6kt/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:41 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7cd7e6e7980b917c-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame A181 153 KB
55 KB 43ms
41ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7e6e09d80917c
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/htaqz/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f8b870eaed0263135b9c937b2bf11a9fbf904aee31c06aaea19254b873f668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/htaqz/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:41 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7cd7e6e7a813917c-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 8717 474 B
866 B 75ms
32ms Fetch
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: ea3caa9b7b9cbc15edc860316fbaeb9690a9cd0dcb45c3d6f1481a1962d08d78

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-7df197522808da55e5d22200d24cd9ed.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 May 2023 17:57:04 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Thu, 25 May 2023 20:45:46 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 38
etag: "6bcf3670b5b530b4dc0fe0b275dc1817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: JhRZwGThAMJaqRXTiq2xDCy_o0c5f3gUuHeMCSpkDj1D-pUgl_2A6Q==

POST
H2 200 / Show response
api.amplitude.com/ Frame 7802 7 B
205 B 211ms
199ms XHR
text/html 52.24.142.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.142.169 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-142-169.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.zeffy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 26 May 2023 17:57:41 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-6470f315-7b3496f04f55892422a959ea
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H3 200 a
www.googletagmanager.com/ Frame 7802 0
11 B 37ms
29ms Image
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=OPT-TD858CV&cv=25&v=3&t=t&pid=96038876&rv=35o0&es=1&e=gtm.historyChange-v2&eid=21&u=Ag&h=Ag&tc=2&z=0

Requested by

Host: www.zeffy.com
URL: https://www.zeffy.com/en-US/embed/donation-form/16921496-e043-4a10-a34a-4c36c3a4d019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:41 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html Show response
js.stripe.com/v3/ Frame E86A 798 B
2 KB 28ms
26ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

bf95f28fc508ef4c0f78c582791612b04e058664266a253c9c50009099f75649

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2296
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 17:19:26 GMT
etag: "6f9bdc7c8d1170b70033e70dbb11211e"
last-modified: Thu, 25 May 2023 20:16:39 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id: ylSQiySz58SRUpqAII62PvrIyntBTxcJ-KCUQmTHU29Z6fadEZLY5g==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 6 Show response
m.stripe.com/ Frame 6E62 156 B
669 B 619ms
195ms XHR
application/json 54.68.59.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.68.59.163 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-59-163.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

253da26415645a2889fb6b4f5367f84e2b5decd7670d0a6b3ef7a38188093696

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 26 May 2023 17:57:42 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123862405301
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1685123862404798
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tq1xs/0x4AAAAAAAE2JblGG6mbzUtx/auto/ Frame BC6A 24 KB
7 KB 44ms
41ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tq1xs/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a171e08abc7ac6e08bf01ae1c0db5641b852dd56a26f29ac7ac0bc8df4e645e2

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7cd7e6e94a58917c-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 17:57:41 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/dcekd/0x4AAAAAAAE2JblGG6mbzUtx/auto/ Frame 4FF7 24 KB
7 KB 41ms
39ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/dcekd/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0191c3451686487d24bee79069099db69a343fbdff1aef191504515fe3eb4104

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7cd7e6e94a5b917c-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 17:57:41 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xhu12/0x4AAAAAAAE2JblGG6mbzUtx/auto/ Frame 7955 24 KB
7 KB 37ms
37ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xhu12/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0d504c3f8d555194364d8bbc5e294f595d0a10857d42fcac22cd324cb5ebfc3

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7cd7e6e94a60917c-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 17:57:41 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/czp0w/0x4AAAAAAAE2JblGG6mbzUtx/auto/ Frame 3994 24 KB
7 KB 35ms
35ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/czp0w/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76f62b04ec767daf15e0ff59da80ee061704a046abe4a964528c102e21c90d00

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7cd7e6e94a67917c-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 17:57:41 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 73BC 474 B
866 B 22ms
22ms Fetch
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: ea3caa9b7b9cbc15edc860316fbaeb9690a9cd0dcb45c3d6f1481a1962d08d78

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 May 2023 17:57:04 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Thu, 25 May 2023 20:45:46 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 38
etag: "6bcf3670b5b530b4dc0fe0b275dc1817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: dND-wXx6ZjQ7grPBNx57TpfW49MiqWB1JYmXSz2NNHbTnRojoUYmtw==

POST
H2 200 csp-report
q.stripe.com/ Frame 2CF7 0
717 B 193ms
193ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 May 2023 17:57:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123862145641
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1685123862145089
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-ee6e6c3db425cbe016efc1cb92a8cfca.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E86A 437 KB
99 KB 29ms
28ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

fcdb8271bf8bbee00cde6e546f7c648a743d92d974dcc6374050031e9b74d616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:19:11 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2335
x-cache: Hit from cloudfront
last-modified: Thu, 25 May 2023 20:16:52 GMT
server: Cloudfront
etag: W/"cc96e6203fd59a66bf1c564fbdcb1218"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: -0KG56Ie_48VUi2PSiXC-4s7tPcI72sThdcEKiT33fQWCjP85pTsew==

GET
H2 200 ui-shared-b7a71005bfa2c75d7581033f19e14cc3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E86A 292 KB
84 KB 70ms
69ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-b7a71005bfa2c75d7581033f19e14cc3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

007d69a967089fb4f05d4467f29142c9daf64debc278f2dcf1ff46e42b011a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:05:54 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3114
x-cache: Hit from cloudfront
last-modified: Wed, 24 May 2023 20:03:18 GMT
server: Cloudfront
etag: W/"c140db2da7bf196c57d5e39fc2ce92f3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 286DVFYiW8boPLBRy9H8lm8EzRlYqaueeJSLazrvqInCyX4WMP6ehg==

GET
H2 200 elements-inner-card-46495f7ae052a34714a8f92e537d7694.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E86A 47 KB
12 KB 48ms
44ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-46495f7ae052a34714a8f92e537d7694.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e81f19c411ca426eb18545f42ad86883f22d74066813e555614c6e9c154a6aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:53:04 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 288
x-cache: Hit from cloudfront
last-modified: Mon, 22 May 2023 17:03:33 GMT
server: Cloudfront
etag: W/"9159d547b79be89b9114d75ab89d9cab"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: sjcwUSJJ__fARsXOuGlhWxNXNmOabHJZomxWiz7FKuTCCMDIuCMKRg==

GET
H2 200 ui-shared-854346c6b614d58b584f5952dfb9d8a4.css
js.stripe.com/v3/fingerprinted/css/ Frame E86A 19 KB
3 KB 63ms
62ms Stylesheet
text/css 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-854346c6b614d58b584f5952dfb9d8a4.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b3cbf928677d9114d2a50ca02ce7bfb5a970497bc6a656ff9f9b43630eab4391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:25:01 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1968
x-cache: Hit from cloudfront
last-modified: Fri, 12 May 2023 20:05:33 GMT
server: Cloudfront
etag: W/"11a669536417e8d34f1380706387c344"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ZMLMxcSgv_5H3ug-YdJdOodc9jXejgRiM6xm_FfuliR-IsSvX1a4mw==

GET
H2 200 elements-inner-card-b72655151ff5e05f6d1145fa00cc430e.css
js.stripe.com/v3/fingerprinted/css/ Frame E86A 10 KB
2 KB 64ms
63ms Stylesheet
text/css 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-b72655151ff5e05f6d1145fa00cc430e.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2745b1f2a690e7e24d6205017cc4f1540e2379bed3126c7b9c9d15f5953b7f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:11:36 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2770
x-cache: Hit from cloudfront
last-modified: Fri, 19 May 2023 20:12:34 GMT
server: Cloudfront
etag: W/"fa1949959c95f88c0f5d277059cb83cc"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: iwh1U-EvStuCmYQMEfuj4w9RUPWL9zWb8PbFfH-mv_GKitN8imdT7w==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame 7802 410 KB
165 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcuejsmAAAAADR3hxzFf3qF5vhfEEb0XzikZ5F3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zeffy.com/
Origin: https://www.zeffy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 10:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168302
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 10:19:46 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame DD55 50 KB
27 KB 57ms
55ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuejsmAAAAADR3hxzFf3qF5vhfEEb0XzikZ5F3&co=aHR0cHM6Ly93d3cuemVmZnkuY29tOjQ0Mw..&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=8xrsqby3d50y

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e1b05ebd3a8c059b87c715747038e1c70edaaf976b58a15f2868c528ee71e1a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s0mj_75mgi7tSfRF0SDwWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27746
content-security-policy: script-src 'report-sample' 'nonce-s0mj_75mgi7tSfRF0SDwWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 17:57:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 8717 1 KB
2 KB 380ms
225ms Fetch
application/json 18.202.131.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.202.131.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-202-131-124.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a3b59dd81443b29ad5616db6445a07506e36642a716817bec331bd32595ef469

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 May 2023 17:57:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123862400364
content-length: 1151
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST, HEAD, OPTIONS, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 50
access-control-expose-headers: Request-Id, Stripe-Manage-Version, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-stripe-client-envoy-start-time-us: 1685123862399444
timing-allow-origin: https://js.stripe.com
x-robots-tag: none
expires: 0

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 7955 157 KB
57 KB 4813ms
4812ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7e6e94a60917c
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xhu12/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 436c8c1d119bb08a4b8fd17dbbecf32fa40dff9cb4860de7adaad3e9db31a3d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xhu12/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:47 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7cd7e6eb7d80917c-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 3994 152 KB
55 KB 4818ms
4816ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7e6e94a67917c
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/czp0w/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dfd74bb515ea02cc6db83b2e78d725af4b5b34fc087ee8b304ebce9a5c5d725

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/czp0w/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:47 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7cd7e6eb7d81917c-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 4FF7 164 KB
59 KB 4839ms
4837ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7e6e94a5b917c
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/dcekd/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f05db19c636529ff98d812739671cc0fd607ab9b637c3e0181b83dba37dd56c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/dcekd/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:47 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7cd7e6eb7d82917c-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame BC6A 155 KB
56 KB 4816ms
4814ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7e6e94a58917c
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tq1xs/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b96ca3dd01d0ed06178a389deb8cf5f3388cb02a1fbcb6ac9d31133336aebfbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tq1xs/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:47 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7cd7e6eb7d86917c-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2CF7 474 B
865 B 38ms
35ms Fetch
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: ea3caa9b7b9cbc15edc860316fbaeb9690a9cd0dcb45c3d6f1481a1962d08d78

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-7df197522808da55e5d22200d24cd9ed.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 May 2023 17:57:04 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Thu, 25 May 2023 20:45:46 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 39
etag: "6bcf3670b5b530b4dc0fe0b275dc1817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: rIxaDJIZG5fM1jkMTqZEQvSx6Nov7oD-ARf4EEc1slzn0uiLSszSMw==

GET
H3 200 a
www.googletagmanager.com/ Frame 5E63 0
11 B 38ms
37ms Image
text/html 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=AW-812495571&cv=1&v=3&t=t&pid=2048015263&rv=35o0&es=1&e=gtm.historyChange-v2&eid=23&u=AgAAAAAAAAAAAIA&h=Ag&tc=2&z=0

Requested by

Host: www.toadgivesback.org
URL: https://www.toadgivesback.org/form.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:42 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 430ms
393ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862735622
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862735312
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 430ms
394ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862735990
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862735724
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 450ms
414ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862736638
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862736036
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 433ms
397ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862735817
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862735675
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 459ms
423ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862736790
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862736223
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 431ms
399ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862735948
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862735601
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 425ms
392ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862735803
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862735437
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 424ms
393ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862735974
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862735740
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 418ms
387ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862735626
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862735190
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 415ms
384ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862735605
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862735278
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 415ms
385ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862735788
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862735549
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 417ms
387ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862736121
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1685123862735963
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 427ms
397ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862735863
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862735390
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 429ms
399ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862736348
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862736202
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 439ms
410ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862736948
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862736745
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 432ms
403ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862736516
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862736166
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 427ms
398ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862736513
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862736281
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 443ms
414ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862736626
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1685123862736108
access-control-allow-credentials: true
content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame DD55 55 KB
24 KB 64ms
21ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuejsmAAAAADR3hxzFf3qF5vhfEEb0XzikZ5F3&co=aHR0cHM6Ly93d3cuemVmZnkuY29tOjQ0Mw..&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=8xrsqby3d50y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 10:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 10:52:04 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame DD55 410 KB
164 KB 63ms
21ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 10:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168302
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 10:19:46 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame E86A 0
717 B 368ms
367ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 May 2023 17:57:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123862737268
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1685123862736592
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E86A 0
717 B 351ms
350ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 May 2023 17:57:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123862736933
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1685123862736661
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 309ms
306ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862736646
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862736352
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 329ms
320ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862737295
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862736387
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 329ms
323ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862737260
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1685123862736538
access-control-allow-credentials: true
content-length: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 2CF7 1 KB
2 KB 247ms
245ms Fetch
application/json 18.202.131.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.202.131.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-202-131-124.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7b2002e3f56f6cc0b0894921b4ba649211529c27b477e1f036fc4d560887550b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 May 2023 17:57:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123862651262
content-length: 1151
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST, HEAD, OPTIONS, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 68
access-control-expose-headers: Request-Id, Stripe-Manage-Version, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-stripe-client-envoy-start-time-us: 1685123862650621
timing-allow-origin: https://js.stripe.com
x-robots-tag: none
expires: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B130 50 KB
27 KB 48ms
47ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuejsmAAAAADR3hxzFf3qF5vhfEEb0XzikZ5F3&co=aHR0cHM6Ly93d3cuemVmZnkuY29tOjQ0Mw..&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=rvsg3fvbld8w

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dbbc6e4c702b76f6915141b94a57e8844498f6c27a78c64cc2d73f9bc80b0c22

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hoHdcUQpDJuS5y18PgP9MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27750
content-security-policy: script-src 'report-sample' 'nonce-hoHdcUQpDJuS5y18PgP9MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 17:57:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 278ms
278ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862737053
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862736439
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 272ms
271ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862737117
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862736570
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 258ms
258ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862736697
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862736519
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 257ms
257ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862736679
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862736513
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 261ms
261ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862736853
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862736560
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 274ms
274ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862736753
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1685123862736554
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 256ms
256ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862737009
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862736696
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 435ms
435ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862925928
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862925430
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 421ms
420ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862925890
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862925514
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 424ms
424ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862925913
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862925652
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 418ms
416ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862925913
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862925607
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 432ms
429ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862925921
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862925746
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 419ms
418ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926047
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862925818
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 445ms
443ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926322
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862925752
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 431ms
430ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926203
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1685123862925833
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 421ms
420ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926241
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862925972
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 418ms
417ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926159
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862925944
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 431ms
430ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926154
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862925986
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 424ms
423ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926377
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862926056
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 424ms
424ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926408
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862926198
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
273 B 429ms
429ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926433
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862926120
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 442ms
442ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926328
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1685123862926171
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 423ms
423ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926564
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862926305
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 419ms
418ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926558
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862926356
access-control-allow-credentials: true
content-length: 0

POST b19c29329b4b6b2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1059465106:1685120922:p-yZmWvwLPNRO24jmz5Qhyau0-tWXpNO-sVaGinmOX4/7cd7e6e09d7f917c/ Frame EBE5 0
0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E86A 474 B
866 B 23ms
23ms Fetch
application/json 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-99.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: ea3caa9b7b9cbc15edc860316fbaeb9690a9cd0dcb45c3d6f1481a1962d08d78

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-6f9bdc7c8d1170b70033e70dbb11211e.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 May 2023 17:57:04 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Thu, 25 May 2023 20:45:46 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 39
etag: "6bcf3670b5b530b4dc0fe0b275dc1817"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: lEXMM2RfQOMJo6nMbvpgbIFWO07gNJlK6ue0B-3PLXS3JQU-vmkERw==

POST 530315e852d1fda
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/582863865:1685120943:yfFLKVaCBBJ49_Ls2WqfWmao0SKrrHmNfW8LH4N6B9I/7cd7e6e08d7a917c/ Frame 144E 0
0

POST 1f4e7065139f547
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1333819845:1685120902:Z3__ZKt_VpgN91QUuGdo-A6F7YgL-d7SA302h2AP-XA/7cd7e6e08d79917c/ Frame 4E66 0
0

POST 222eefda49ef239
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/463605982:1685121116:mfPtMuD0ZWtUuVGx0cfj9RFzvxhyqxxiLiP2Hhz2IKA/7cd7e6e09d80917c/ Frame A181 0
0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 310ms
309ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926634
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862926433
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 323ms
323ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926825
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862926530
access-control-allow-credentials: true
content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame B130 55 KB
24 KB 25ms
24ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 10:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 10:52:04 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame B130 410 KB
164 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 10:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168302
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 10:19:46 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame DD55 102 B
134 B 51ms
50ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7bd1344379eb2ac9631066d92e8675977cfdac8dd9ce4b751c01c3f13725a87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuejsmAAAAADR3hxzFf3qF5vhfEEb0XzikZ5F3&co=aHR0cHM6Ly93d3cuemVmZnkuY29tOjQ0Mw..&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=8xrsqby3d50y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 26 May 2023 17:57:42 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 227ms
225ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926803
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862926602
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
274 B 227ms
225ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862926834
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862926713
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 199ms
193ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862980257
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862980069
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 199ms
194ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862980415
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1685123862980215
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
274 B 199ms
195ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:42 GMT
x-stripe-server-envoy-start-time-us: 1685123862980486
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123862980295
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
275 B 195ms
195ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863025260
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123863024912
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
275 B 194ms
193ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863025446
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123863025303
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
275 B 199ms
199ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863025906
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123863025709
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
275 B 199ms
199ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863027262
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1685123863026651
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
275 B 195ms
195ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863089044
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123863088814
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
275 B 194ms
194ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863089339
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123863089094
access-control-allow-credentials: true
content-length: 0

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B130 102 B
134 B 35ms
34ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7bd1344379eb2ac9631066d92e8675977cfdac8dd9ce4b751c01c3f13725a87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcuejsmAAAAADR3hxzFf3qF5vhfEEb0XzikZ5F3&co=aHR0cHM6Ly93d3cuemVmZnkuY29tOjQ0Mw..&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=rvsg3fvbld8w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 26 May 2023 17:57:42 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
275 B 194ms
194ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863104229
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123863104031
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8717 0
275 B 195ms
195ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863104390
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123863104082
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
275 B 194ms
193ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863128752
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123863128622
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
275 B 195ms
194ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863128889
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123863128751
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
275 B 194ms
194ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863154381
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123863154005
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
275 B 193ms
193ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863154433
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1685123863154283
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
275 B 194ms
194ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863155332
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123863155028
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
275 B 195ms
194ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863173194
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1685123863172676
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2CF7 0
275 B 196ms
196ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee6e6c3db425cbe016efc1cb92a8cfca.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 May 2023 17:57:43 GMT
x-stripe-server-envoy-start-time-us: 1685123863173257
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1685123863172710
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 5AAA 200 B
1 KB 23ms
22ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 468
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 17:49:57 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Thu, 11 May 2023 20:01:43 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id: iFcOpFSHfUedG6X7ydyx8vG3RJRAVu1aA1kkZ9rnh0GTdJvguz5F6g==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5AAA 631 B
1 KB 22ms
22ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 26 May 2023 17:55:42 GMT
x-content-type-options: nosniff
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 123
x-cache: Hit from cloudfront
content-length: 631
last-modified: Thu, 25 May 2023 20:16:52 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: akphgwPclcGG0xw4u3VC51tycFQGb9UkVnnX4OAMm__5GYv4Ji3qZQ==

POST
H2 200 csp-report
q.stripe.com/ Frame 5AAA 0
718 B 192ms
192ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 May 2023 17:57:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123864521527
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1685123864521283
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 5AAA 0
718 B 193ms
192ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 May 2023 17:57:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123864521984
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1685123864521333
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0822 930 B
2 KB 22ms
21ms Document
text/html 2600:9000:2057:3800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 298
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 17:52:47 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: PLutMN0KuGJTKoYF_RJumqfth4vLTMkT-fggCe92BdDxGWKFs9BUdg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 0822 0
492 B 198ms
197ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: toadgivesback.travelonadream.com
URL: http://toadgivesback.travelonadream.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 May 2023 17:57:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123864553578
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1685123864553306
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 0822 86 KB
14 KB 24ms
24ms Script
text/javascript 2600:9000:2057:3800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 26 May 2023 17:57:15 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 30
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: 2_Dv3oltaRn7mF0aOcQpJ-hI-qMmViReflrfAM9Lwuu2YnqcGdcaRg==

POST
H2 200 6 Show response
m.stripe.com/ Frame 0822 156 B
669 B 195ms
194ms XHR
application/json 54.68.59.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.68.59.163 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-59-163.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

7bb7492182380b81ae023e174fedbefcfcafd81e556a248d7242e38716515701

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Fri, 26 May 2023 17:57:44 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1685123864589984
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1685123864589318
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 200 b19c29329b4b6b2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1059465106:1685120922:p-yZmWvwLPNRO24jmz5Qhyau0-tWXpNO-sVaGinmOX4/7cd7e6e09d7f917c/ Frame EBE5 99 KB
0 1828ms
1827ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1059465106:1685120922:p-yZmWvwLPNRO24jmz5Qhyau0-tWXpNO-sVaGinmOX4/7cd7e6e09d7f917c/b19c29329b4b6b2
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7e6e09d7f917c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/fddib/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge: b19c29329b4b6b2
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: g4HHSOFzcPR1Yn6MYVkluqSeheykMlBdHD5psyLL/u0R+lWmsIwiDy4BH1zkVcYafO4l/R96rjnYGPjQoY7YNsXyxECaKqoWl/b08VOc4oLqrbDda+lPptMk9pzGOZoKK2RotxiPZ2cbygAE1LyaeIuP79srEXYvzhzRcTQB8alDnrLp8qSYOEekfSbZzov1DuMwGf3pYUmn5IWNfixKOXzxFQ2Rwa+wHCkpds7feDMpkAVq7U2ZFvMIt9xfxkxwhRJxxsD2ovP7XRV41MFwbOq2UPH1lC1hPm2QmSHdo1ZSQXpSMTptKFuGMpVxxhIbT/8t8OoB9d7pzoMmY52/cHy9CQd7CbKyhHG4qW4YRyFirejqiuxzhPfNg7/6qr5ajkFQhdBgqwoEriSfseegZ7yGqbOikmXxSwJMi5gBFSQr/2JK0/Nhq4jobbZlLPFr$7DgKBsTImppk8jVHh4d+FQ==
date: Fri, 26 May 2023 17:57:47 GMT
content-encoding: br
server: cloudflare
cf-ray: 7cd7e6feaf14917c-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H3 502 530315e852d1fda Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/582863865:1685120943:yfFLKVaCBBJ49_Ls2WqfWmao0SKrrHmNfW8LH4N6B9I/7cd7e6e08d7a917c/ Frame 144E 6 KB
7 KB 1655ms
1655ms XHR
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/582863865:1685120943:yfFLKVaCBBJ49_Ls2WqfWmao0SKrrHmNfW8LH4N6B9I/7cd7e6e08d7a917c/530315e852d1fda

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7e6e08d7a917c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

462e8dd3504e5546a4875ab091b13f0e0ab0714e7bdbfa06e280825b1c34b360

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/yeipj/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge: 530315e852d1fda
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 May 2023 17:57:47 GMT
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7cd7e6ff2fcd917c-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3 502 1f4e7065139f547 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1333819845:1685120902:Z3__ZKt_VpgN91QUuGdo-A6F7YgL-d7SA302h2AP-XA/7cd7e6e08d79917c/ Frame 4E66 6 KB
7 KB 1649ms
1649ms XHR
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1333819845:1685120902:Z3__ZKt_VpgN91QUuGdo-A6F7YgL-d7SA302h2AP-XA/7cd7e6e08d79917c/1f4e7065139f547

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd7e6e08d79917c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e3285634bd7085f83f768214a6ecbbc13b112ab90325c49dc8cd612b1b706bb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ul6kt/0x4AAAAAAAE2JblGG6mbzUtx/auto/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge: 1f4e7065139f547
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 May 2023 17:57:47 GMT
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7cd7e6ff3fee917c-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST 222eefda49ef239
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/463605982:1685121116:mfPtMuD0ZWtUuVGx0cfj9RFzvxhyqxxiLiP2Hhz2IKA/7cd7e6e09d80917c/ Frame A181 0
0

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5E63 295 B
796 B 24ms
24ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zeffy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 26 May 2023 17:52:58 GMT
x-content-type-options: nosniff
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 288
x-cache: Hit from cloudfront
content-length: 295
last-modified: Wed, 10 May 2023 20:03:05 GMT
server: Cloudfront
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FqMgWfI-ksz9jWg9T_mvtEtMmsLQ75WZG-VTvfnpitENz9SyZPcTXA==

GET sdk.js
canny.io/ Frame 7802 0
0

GET
H2 200 feedback-web-fetcher
app.hubspot.com/ Frame 779A 0
0 105ms
104ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/feedback-web-fetcher

Requested by

Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zeffy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80695
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: HIT
cf-ray: 7cd7e709fb863656-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: *.fullstory.com fullstory.com apis.google.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.14968/html/fetcher.html&cfRay=7cd7e709fb863656&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Fwww.zeffy.com%2F&cfenv=prod&pdt=2023-05-26&csp=ro
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 17:57:47 GMT
expires: Sat, 27 May 2023 17:57:47 GMT
last-modified: Sat, 06 May 2023 17:20:04 GMT
nel: {"report_to":"nel","max_age":86400}
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=7cd7e709fb863656&resource=feedback-web-renderer-ui/static-1.14968/html/fetcher.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-id: PMU-Yty4Iuo9JloYo5rNRFZWjGpcKe0bIMkB52dnNKvj7InM01Ndyg==
x-amz-cf-pop: FRA56-P2
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: rvVygbCVo2q4W34rYvjLbkexWIBeE_mw
x-cache: Hit from cloudfront
x-hs-target-asset: feedback-web-renderer-ui/static-1.14968/html/fetcher.html
x-hs-worker-debug-mode: false

GET __ptq.gif
track.hubspot.com/ Frame 7802 0
0

POST rum
www.zeffy.com/cdn-cgi/ Frame 7802 0
0

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/812495571/ Frame 7802 0
0

GET a
www.googletagmanager.com/ Frame 7802 0
0

POST 0
r.stripe.com/ Frame 2CF7 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.linkedin.oribi.io
URL: https://cdn.linkedin.oribi.io/partner/4140793/domain/zeffy.com/token

Domain: cdn.linkedin.oribi.io
URL: https://cdn.linkedin.oribi.io/partner/4140793/domain/zeffy.com/token

Domain: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1059465106:1685120922:p-yZmWvwLPNRO24jmz5Qhyau0-tWXpNO-sVaGinmOX4/7cd7e6e09d7f917c/b19c29329b4b6b2

Domain: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/582863865:1685120943:yfFLKVaCBBJ49_Ls2WqfWmao0SKrrHmNfW8LH4N6B9I/7cd7e6e08d7a917c/530315e852d1fda

Domain: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1333819845:1685120902:Z3__ZKt_VpgN91QUuGdo-A6F7YgL-d7SA302h2AP-XA/7cd7e6e08d79917c/1f4e7065139f547

Domain: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/463605982:1685121116:mfPtMuD0ZWtUuVGx0cfj9RFzvxhyqxxiLiP2Hhz2IKA/7cd7e6e09d80917c/222eefda49ef239

Domain: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/463605982:1685121116:mfPtMuD0ZWtUuVGx0cfj9RFzvxhyqxxiLiP2Hhz2IKA/7cd7e6e09d80917c/222eefda49ef239

Domain: canny.io
URL: https://canny.io/sdk.js

Domain: track.hubspot.com
URL: https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1944070336&v=1.1&a=2614165&rcu=https%3A%2F%2Fwww.zeffy.com%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&r=https%3A%2F%2Fwww.toadgivesback.org%2F&pu=https%3A%2F%2Fwww.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&t=Donate&cts=1685123867186&vi=391cdc4e01cef0145c0c8a8970e005e4&nc=true&cc=15

Domain: www.zeffy.com
URL: https://www.zeffy.com/cdn-cgi/rum?

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812495571/?random=1685123867216&cv=11&fst=1685123867216&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.zeffy.com%2Fen-US%2Fembed%2Fdonation-form%2F16921496-e043-4a10-a34a-4c36c3a4d019&ref=https%3A%2F%2Fwww.toadgivesback.org%2F&hn=www.googleadservices.com&frm=2&tiba=Donate&value=514&did=dZTQ1Zm&gdid=dZTQ1Zm&data=event%3DTTFB%3Bevent_category%3DWeb%20Vitals%3Bevent_label%3Dv3-1685123859053-9215124713256%3Bnon_interaction%3Dtrue&rfmt=3&fmt=4

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/a?id=OPT-TD858CV&cv=25&v=3&t=t&pid=96038876&rv=35o0&es=1&e=gtm.load&eid=22&u=Ag&h=Ag&tc=2&z=0

Domain: r.stripe.com
URL: https://r.stripe.com/0

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hubspot.com/	1970-01-20 12:05:25	Name: __cf_bm Value: NGHQe5fZJpe0qYLmwSm5W6oxEqyQJnJOKzAe2VJLQk0-1685123860-0-AWg9nHKcBCTZI/KrFp+Zz8OmCRcnZKq9xnpcT4G2AtdISc0u/1+7aAdZPHjx9MDtOz3846yMRZbncvvW1Ur7tpo=
.doubleclick.net/	1970-01-20 21:26:59	Name: IDE Value: AHWqTUmfFeF33r6gvQRf45fugPIfE1NkxEz1VltVRGSKCep3n1KRjwxp-692wPHa
.linkedin.com/	1970-01-20 14:14:59	Name: li_sugr Value: 14e63b46-c3b3-4585-a5a5-a8e7c86673cb
.linkedin.com/	1970-01-20 20:50:59	Name: bcookie Value: "v=2&58514384-89b6-409b-82ff-2381fa083df9"
.linkedin.com/	1970-01-20 12:06:50	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2948:u=1:x=1:i=1685123860:t=1685210260:v=2:sig=AQFUHqMb4EFPFe9mD2NAMsiWk6U-BEs8"
.linkedin.com/	1970-01-20 12:48:35	Name: UserMatchHistory Value: AQKV2y9NqA1EOAAAAYhZNYfosgoYW4vzLyVHr_00r9c_pOz5Nm3ZHdk3FbDaNM7j39bYNNM9ukMYGA
.linkedin.com/	1970-01-20 12:48:35	Name: AnalyticsSyncHistory Value: AQI3lgO1aMoSiwAAAYhZNYfozMRIl1Ijk26qQRQOWJiENcKOJurlnhssJ_PLmo8CM3Lg9ODe3UxBktGpCOHSmQ
.linkedin.com/	1970-01-20 16:24:35	Name: li_gc Value: MTswOzE2ODUxMjM4NjA7MjswMjHIbsXir28Is2qhMS0Q32EU7LCexBcQEegkcyi3pRXQvQ==
.www.linkedin.com/	1970-01-20 20:50:59	Name: bscookie Value: "v=1&20230526175740a76b7a22-9126-42a9-8844-e0a9c71e612dAQG2xrpLpYqvYFB_Rg99l78dkT6gcLh4"
m.stripe.com/	1970-01-20 21:41:23	Name: m Value: 6e00c442-febe-4ef5-a746-0149b1203e7795824b

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://toadgivesback.travelonadream.com/fcf-assets/css/fcf.default.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://toadgivesback.travelonadream.com/img/.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://toadgivesback.travelonadream.com/img/top.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://toadgivesback.travelonadream.com/facefiles/loading.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://gtm.zeffy.com/data?v=2&event_name=page_view&dtdc=eyJwYWdlX2xvY2F0aW9uIjoiaHR0cHM6Ly93d3cuemVmZnkuY29tL2VuLVVTL2VtYmVkL2RvbmF0aW9uLWZvcm0vMTY5MjE0OTYtZTA0My00YTEwLWEzNGEtNGMzNmMzYTRkMDE5IiwicGFnZV9ob3N0bmFtZSI6Ind3dy56ZWZmeS5jb20iLCJwYWdlX3JlZmVycmVyIjoiaHR0cHM6Ly93d3cudG9hZGdpdmVzYmFjay5vcmcvIiwicGFnZV90aXRsZSI6IkRvbmF0ZSIsInBhZ2VfZW5jb2RpbmciOiJVVEYtOCIsImFjdGlvbl9zb3VyY2UiOiJ3ZWJzaXRlIiwiZmlyc3RfcGFydHlfY29sbGVjdGlvbiI6InRydWUiLCJldmVudF9pZCI6IjE2ODUxMjQ3NTY2OTlfMTY4NTEyNDA4ODM4MDEifQ%3D%3D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gtm.zeffy.com/data?v=2&event_name=page_view&dtdc=eyJwYWdlX2xvY2F0aW9uIjoiaHR0cHM6Ly93d3cuemVmZnkuY29tL2VuLVVTL2VtYmVkL2RvbmF0aW9uLWZvcm0vMTY5MjE0OTYtZTA0My00YTEwLWEzNGEtNGMzNmMzYTRkMDE5IiwicGFnZV9ob3N0bmFtZSI6Ind3dy56ZWZmeS5jb20iLCJwYWdlX3JlZmVycmVyIjoiaHR0cHM6Ly93d3cudG9hZGdpdmVzYmFjay5vcmcvIiwicGFnZV90aXRsZSI6IkRvbmF0ZSIsInBhZ2VfZW5jb2RpbmciOiJVVEYtOCIsImFjdGlvbl9zb3VyY2UiOiJ3ZWJzaXRlIiwiZmlyc3RfcGFydHlfY29sbGVjdGlvbiI6InRydWUiLCJldmVudF9pZCI6IjE2ODUxMjQ3NTY2OTlfMTY4NTEyNDI5ODg4MDEifQ%3D%3D Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js(Line 38) Message: Refused to connect to 'https://cdn.linkedin.oribi.io/partner/4140793/domain/zeffy.com/token' because it violates the following Content Security Policy directive: "connect-src 'self' https://unpkg.com http://osm.org https://.google.com https://pay.google.com https://ct.capterra.com https://imaginecanada.ca https://www.youtube.com https://www.canada.ca https://docs.simplyk.io https://www.blog.simplyk.io https://geolocation-db.com https://dashboard.stripe.com https://connect.stripe.com https://api.hsforms.com https://api.crowdhandler.com https://.sentry.io https://.sharethis.com https://api.zeffy.com https://.google-analytics.com https://.analytics.google.com https://.googletagmanager.com https://api.hubspot.com https://api.hubapi.com https://api.amplitude.com https://.googleapis.com https://.ngrok.io https://stats.g.doubleclick.net https://forms.hubspot.com https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://api.cloudinary.com https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com https://cloudflareinsights.com https://vitals.vercel-insights.com https://pi.ca-central-1.amazonaws.com https://api.metrics.heroku.com https://particleboard.heroku.com https://papertrailapp.com https://api.cloudflare.com/client/v4/ https://.pendo.io https://simplyk-bucket-staging.s3.us-east-2.amazonaws.com https://simplyk-bucket-production.s3.ca-central-1.amazonaws.com".
security	error	URL: https://www.zeffy.com/_next/static/chunks/pages/_app-6fbacfe579fa448e.js(Line 38) Message: Refused to connect to 'https://cdn.linkedin.oribi.io/partner/4140793/domain/zeffy.com/token' because it violates the following Content Security Policy directive: "connect-src 'self' https://unpkg.com http://osm.org https://.google.com https://pay.google.com https://ct.capterra.com https://imaginecanada.ca https://www.youtube.com https://www.canada.ca https://docs.simplyk.io https://www.blog.simplyk.io https://geolocation-db.com https://dashboard.stripe.com https://connect.stripe.com https://api.hsforms.com https://api.crowdhandler.com https://.sentry.io https://.sharethis.com https://api.zeffy.com https://.google-analytics.com https://.analytics.google.com https://.googletagmanager.com https://api.hubspot.com https://api.hubapi.com https://api.amplitude.com https://.googleapis.com https://.ngrok.io https://stats.g.doubleclick.net https://forms.hubspot.com https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://api.cloudinary.com https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.intercomusercontent.com https://cloudflareinsights.com https://vitals.vercel-insights.com https://pi.ca-central-1.amazonaws.com https://api.metrics.heroku.com https://particleboard.heroku.com https://papertrailapp.com https://api.cloudflare.com/client/v4/ https://.pendo.io https://simplyk-bucket-staging.s3.us-east-2.amazonaws.com https://simplyk-bucket-production.s3.ca-central-1.amazonaws.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: http://www.toadgivesback.org/images/x.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/582863865:1685120943:yfFLKVaCBBJ49_Ls2WqfWmao0SKrrHmNfW8LH4N6B9I/7cd7e6e08d7a917c/530315e852d1fda Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1333819845:1685120902:Z3__ZKt_VpgN91QUuGdo-A6F7YgL-d7SA302h2AP-XA/7cd7e6e08d79917c/1f4e7065139f547 Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.amplitude.com
api.hubapi.com
api.hubspot.com
api.zeffy.com
app.hubspot.com
canny.io
cdn.linkedin.oribi.io
cdn.polyfill.io
cdnjs.cloudflare.com
challenges.cloudflare.com
connect.facebook.net
feedback.hubapi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtm.zeffy.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
js.hubspotfeedback.com
js.intercomcdn.com
js.stripe.com
js.usemessages.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
o563579.ingest.sentry.io
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.stripe.com
snap.licdn.com
static.cloudflareinsights.com
static.hsappstatic.net
toadgivesback.travelonadream.com
track.hubspot.com
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.toadgivesback.org
www.zeffy.com
canny.io
cdn.linkedin.oribi.io
challenges.cloudflare.com
googleads.g.doubleclick.net
r.stripe.com
track.hubspot.com
www.googletagmanager.com
www.zeffy.com
107.22.31.116
13.107.42.14
13.224.189.74
18.202.131.124
18.66.147.3
2600:9000:2057:3800:19:7d10:bd80:93a1
2600:9000:225e:9400:0:1a32:efc0:93a1
2606:4700:10::6816:18cd
2606:4700::6810:3865
2606:4700::6810:75be
2606:4700::6810:88ce
2606:4700::6811:190e
2606:4700::6811:65ac
2606:4700::6811:826e
2606:4700::6811:c9cc
2606:4700::6811:d839
2606:4700::6812:18c4
2606:4700::6812:6b9
2606:4700::6812:853b
2606:4700::6812:8e65
2606:4700::6813:9a53
2620:1ec:21::14
2a00:1450:4001:800::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a02:26f0:3500:16::215:148d
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::282
34.120.195.249
35.209.197.61
52.24.142.169
54.186.23.98
54.68.59.163
99.86.4.99
007d69a967089fb4f05d4467f29142c9daf64debc278f2dcf1ff46e42b011a90
015d3cebad9f035eda71696b7af9ec1c10f49b45fe4619db1e59cf248a503585
0191c3451686487d24bee79069099db69a343fbdff1aef191504515fe3eb4104
0287dacd78b259bcde50ae3dd87d7170a5f629f83f90062dabeef3a68f1c0b28
05625e335abd08a4ccb4656670dce32bab639e74afec18d7dec206607439e54a
06720d10516bbb7bba1aaf635d010448544712f372759ad10eef6c433ef61673
0a4bfea3693619453b7d133988d11750b0528801f62dc05e7cd45c87df0e2a63
0b32560cca87efe8ebc45d321ffaf32b266d22f540b1d686bb574dde3024776e
0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f
0c26d986932eb4454dce8cc5a1e48bc67b48026f203820970795d16a0ec6a9b2
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
100c7b6365da26112898b6aae3af4bd903d2b567f13f6f797d30356848067f26
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
14c4b81404a1b2258e9b51a4bdcfb30e439586fafb14655ee4634b043446ba8c
15c65364c359ba7069b40108fc19d7ea0b1bfbe43e0ef8e318a5f8c89964f362
1691aeac47c082c51ebbba3e5f69f7fda438261cd19a7962b34b04c6a30aea9d
186df69b12b9aefddeed442da0ca515bec0ccefeb6c592572ead665b1b64923b
1c10ae869becf59d8542701ca484e03ed89d94a93d751fe0dd269d92c1783f9d
1d20252b7ff344826f1e27c66e3ae8c458a103f4772c7a0df2a36dd5a5290390
1e3285634bd7085f83f768214a6ecbbc13b112ab90325c49dc8cd612b1b706bb
1fa810202626ec84220cf406fedfd4ddd214dbd8d794e98cae03e25d68d43f7b
1fd27aee94584421f3ac89f53a06704e4f1d6d2d19f625b19cdbfb480954c4e8
2028c460e583dc45642c859d964307619844eb244ed26aa45b0646e414fe4fd8
232824570a0dcb796ca8e72a70cbc979d27f927c9465baa559685a94c911d10a
2350add23b4c7a29e50ed33c3a4ec8af8fff2cc389981510d5e60e552e4944bf
238ee977afa9bcb505ce5dc8de24954033006dc6a5f502ce9c44ab22deeb383c
2397ce6d4708b01af88c8a855d9a071732ad8906cd3dc23326a7864d1d841d31
23ccc6e5ed1b6549eeb6cd2c7ac99544ead22235ca742a1160b1af15607c27ab
250285ca5ee77ac87e9bcf7801ef8b09dcac619f0055689cc9759572a766734b
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
253da26415645a2889fb6b4f5367f84e2b5decd7670d0a6b3ef7a38188093696
25bb4402ed7b742e845ee12e3c558aca458024d23e4423424c64c6b45ac4a315
2720537219df714de9bb319acb58e5a8873b7e7f27ed47cb7cbe9102d03ee2f9
2745b1f2a690e7e24d6205017cc4f1540e2379bed3126c7b9c9d15f5953b7f5c
29448ab40871629a247547503cc881a533183e2014a01ad20bbe638bd2fca94a
29d747302c3c455596fad85ef07322010feb94ff6bfec81fbcbf1ba8007d57b0
29d917b757c2cb0bcc6f85719a8eb49241a6942e276d9d68e1336e233dfe4aac
2a3735c8a9808134ea452c8f9cafb02d9ed5a4eba03ec292c397a6e6839395be
2ab398928e6cba59203c12f49cc1006e325d5d375069e45ca48a474ea6f9159b
2c1acb8c394a4d0a40ce87c7aac1234ada60f189837486454660543702484290
2df84f7a02e337c62ec2953b72a6064d5f7a4d18013a8f16ac8d05c96ef6ee92
2e1e45b1d429b2d703676139932fe97b7ffc7986e6d0221653a7404e4c3032f0
2f05db19c636529ff98d812739671cc0fd607ab9b637c3e0181b83dba37dd56c
31853a31c9337ac52c7fa8d0324f78f9374781d6fe442c4d4dde8d39f4963e33
329ee85431436cadb7b38cfcd7ff3381a6b49cccbda67efce3537f1e11c77410
33267d46983d8858b3616603bf4dda5c660e05e8b27485a0b25125769f52564c
34210726dd6d2a3d1c9821e890065c8bec8ee2172913f36a13093bd5295a4922
344cd43902a0ac8a2a12b112a9a9904fb7b26ebd33ead31a492aed6ef4e89b82
34b8fa3e9c1d55b37ec0781912d72c101a9f60060e004c39af67ff1b3b237c22
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
37509c3eda0c6c078ba1895c22d74de290195424f6a71e04a62197f7370b9bfb
3dfd74bb515ea02cc6db83b2e78d725af4b5b34fc087ee8b304ebce9a5c5d725
4083c5d237e05aa2f7c5bbcac948f430bc37dd2466a071e00cc91aef4a789eac
412fb4c03dc82c2545707d5b6ebf648bb16de5422fd298895c8a4320ebbe1f13
436c8c1d119bb08a4b8fd17dbbecf32fa40dff9cb4860de7adaad3e9db31a3d0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e1d6a090660fe50419b6ab1540aa18520a37bf69b1d38e95db0f0e6256a11d
462e8dd3504e5546a4875ab091b13f0e0ab0714e7bdbfa06e280825b1c34b360
469cafc076cc2c1d6edfce6ac1afdb2741251e39daae89493c85298f758047a3
483ec486a8c947a82da6462397dbe386bebab6b2921f517c35e2b9cb53498c89
48b6989b809be5ece1bc768133405dfaee3081fae204ebf8b9d26ff0fd1fc18c
4937acc11d18ff59f464a7613ee414c01a63299b6ad0aa14ca356c81914aa7e8
498be4fea552d7d03094cc5a22616cb5379233ad2df414c75a31892be02926aa
4e661136d2165abc6c30d73f80841c193960b40618255df0741e3fb95ce2a4c1
5142e9458a5d53581a643bfb067c6d2eb8d41bd03bc0611fc9cfeab3e00eb08e
52459a6b0653ab913cda2fac820e7f486c4479742ddd44f62adcd5f9142f201e
5321f57c25f368531475325c23aaf24d7d0058c2e7f5fd29942011953ecd185d
5515898f8617b16447aa262bdaacd88defa8485db770261b4545a3a4567942c4
55889cb209e2528721a6a765951c90d7986ef388c47039eb8f9ba3b2232c5b6c
5588c8382ecf336767caaf015b4efd35fb4a95db9d5cb7fb62620e4ef8b0c4cf
56dba4647aaebc3b820748438795cbcc4ff050d96e12eb84162c890a3b4782c6
59e918790b0d262732acfddab5547285b261757d9084cc6aa7563a3947274f2c
5a1cd3226c2244f0c46a1a6d143059a1d07f8f76b08ee7628439cb0826973a78
5b46a43adef550ea4b5af6f548cb5fd82e2fb5a6419ed1b0b472caf73890677c
5b8995d9fdee21ad2c1b10dc231b0b161579a02f42cb60b062c311938bb3683b
5de06ab0648dac21eff7a73936a190464857f4ef3c5dcdf848e69084dea8f092
5df028ef1f8c9b7c1000aff32164539fef5a3c7b2c014cc31bba19e9cc8666c6
5e1176776ebd9c37e9adcb630edde5d61671b36fb84a1ed689aec86398786692
60321818f28fb314f14109e1a352f6c61fcadcedaae690ccc0d246cadccc7040
70f006e9a4c3672a2aeadb0dc1647157ee15bcc17786757f29bb73ebecbf3eaf
73805cbd5d4a1ec292c6e5befc1d5cc54960c111a623f549eb8add2f5c4478cf
76b1b57488f0a0c84bea686385825dd5de03af2cb833b9e8c4da8188fe1315c8
76f62b04ec767daf15e0ff59da80ee061704a046abe4a964528c102e21c90d00
779f2afc1389478e7cb5ccf588a5e6c063bdacaaa2bc0a77ec14ad209266b18e
78a6da53d3fee6097a33cfc70288d1f3237f5d1d2901b3f2ced6fc2104b54476
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b2002e3f56f6cc0b0894921b4ba649211529c27b477e1f036fc4d560887550b
7bb7492182380b81ae023e174fedbefcfcafd81e556a248d7242e38716515701
7cbc63886ea763f5cea5d01a409c3934873c52933b9d3bb5201decee6a5bbc1f
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7fee08728b501812ba1c44658ad4ef459c107d78bd6e5b27c8ff80f110c34c04
7fef5da82a0c6d01bd03b50605323fa4b9e3d2677bbb3cfe219f5e6d41b7e29e
804d181f8aa441893a311804085fa4b7fd96899830a2bb375be6ed73cf7d5741
824e950950ebea71aad0c63db0e78f27b4615962fc62c7e34121fae8ee0ecf25
84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204
85a1a68bf6d15528b36d83e2b1065a00013d9e0e845a99400e0b3b81a11ae279
869c4248ee8b7e0f586dcb1da68e75f3bb25bd8cae19438ff85bcdca1de1dec2
86ae35c34f79ffc61c3277ef16481cf863303ede3f4d6d6cebdcb828ea78b046
87a6f3c4847098454b7694e1b2e880b7e8f112c87a4ee83d852bcadbd42054f7
88e6df294d2d2467b7deb6dfc5289cbfbc7aee71de015168b406008bc54b614b
892bd0f1212be3aa2edbf394b3c5f152618b173b0e3feda1cb63e47020fa2e91
8a3b07a226652dc02148dfaec3a74c4bc80a6397d115c2b0039b984bf7992663
8a6d7e23d1e78a60dc8e163ea622481887cb30b91a6db8112dfaaf6b8853618a
8aa79ec5ac7aadfa8cb4026239848538c189c195e743eaa8b630a9cff71feff5
8f9b4d3db4f0d55ea7e9025892b99bcb10f5f2d546b4f7f51d4760b2b8f00342
92da91c1f5f4c858a7ed846b190fbf58f768816a4e7d0de923c567e30d7127ed
9321ba56a2159ff8c9a0ede6e681785029ff445e9a0966da8d61d2246288cc83
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
98a015902fd49e782327a389d1f27b930f808ff452ed268bceeda569b55f12e3
9a950c1f3717b4e1c155d7c65ae0ab8260451d588802a82b2ed664e59b4c8b85
9db225c50bd535f0e170ca98c93e353d65db90887504f26b58b673ac01c2088d
9dd26115c4b337f7b4b46b7d349c019959ba3d1b62baa8975b1bf626060ef75d
9e0d7e7820b47c5b377abf48e51516ddc918faeca14a5d77fffc49f2cdd7a52f
9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd
9e681e3c3bd8d02eaedf3348048cb5bd834c7f72146b6a6f225426d88f3f38c4
9f5f59afb91c49cbd3505796aed5b94bc14be875d121b92bfa5eb7635ade8e6c
a171e08abc7ac6e08bf01ae1c0db5641b852dd56a26f29ac7ac0bc8df4e645e2
a1c0e7d03b65f7ada61acbf303b34b485cd5ebc84d09b39bb9a05c6d589a4cbd
a3b59dd81443b29ad5616db6445a07506e36642a716817bec331bd32595ef469
a45fc65f6626c77ae21440b89c3d45a586fd0bc741861af4a03f66a36b425a63
a54eed044ea0a420ae8958939ca98b99499a3c8b7d5907a8c783ddd1c4f4af43
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a75aa3d53c71a8fa434eb7eaa1cfb9896babc1413026e4cefc71f923420f6e3d
a85281967db603ccabf2f0672f393057e59ed32f52e3a7a9275a18f6f2309481
abb9ff7e30ada607c32d907967e0de97ee95883dab941a811cfca4d36dce7ccc
abf60938fb4ed72b9bff3ca114c995a7e4e4f5b0f1ae550d72ce4ede506e018a
accedf8e189cdd5c09fdbcda2174b28eaaa6bf7853005cf37e0c8582271cc4ed
ad715d7a8a7221eee7355315bf2d77c39ecfd598f7c44de8939dc65490037b49
ae046f1592296a6a3c293c1f4fdc6606b08922530de76f79c9ae892c38335ec2
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1ad83351a34b8be86a67a09e2882f640ea25ba5ecf712771c6545e85f2e9ce8
b1bd9caf14a2bdc0d40dcd5712fe1e6c5256a88a3a2178b09eaf098c1ab26d61
b3cbf928677d9114d2a50ca02ce7bfb5a970497bc6a656ff9f9b43630eab4391
b44651fcfe6284ea11667b84e1d8cd3bdea7ff239f051865cb07746e84ff85ff
b54a2b888761e5ba2603171d29053488df7ec6172ecb0b425c229bd9b61bb247
b6228dd941ebabcc25da241f84f710346eaf65cbe3eb836fe1026312515629ae
b89a8171cc7fe65ff441678fcb193838d7cbb65e308828101286d747f7372017
b8bdda07b5474343260e4b41f642356c3bac7faaf24e9161ce42f3f097455d4d
b96ca3dd01d0ed06178a389deb8cf5f3388cb02a1fbcb6ac9d31133336aebfbc
b97bf57059659c8725a8d92958433216c33627ecbb250e9bfec581769f0d1647
ba025fe507427992b581796332e1d9becef3d74770c172baa03a69c119bd3ba6
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
bd4b5082f4187b38d8697a256e61f50507a837b121f14d58b69d37deb6362c4d
be74a3755fa61278b4e2f35b103b938e03e06e0db310f00a4d9b769450b05dbe
bebbc30e6def584290a889f8aecf3a355295c706689ec8312c7edfc370da0f1c
bf95f28fc508ef4c0f78c582791612b04e058664266a253c9c50009099f75649
bfa3d6c1a0223a487f5c8a0e7f69f2e670c8b0896a95868b8f8238936fd01748
c0d81a1f121b9cd6d731dd73252a5580bf4f42e541d3b4eb13a93c86fe9c0218
c15a9eaad854948a3c646dd6aa80c745e50281e04b0e7d44645c2ddd37c00380
c1fca5fcc5458e2f485a9ff87d94d943e43b5998263bbeb123ac38c2e8d2fdd3
c36acfc4be8f27d682f3c464bbe698dfb52f2552a5bc7565568aca71d02d7490
c4c7acaaeaa26ccfd9f798f74dbdbe2866532fb431d5ae6834673f3515aa1132
c6f8b870eaed0263135b9c937b2bf11a9fbf904aee31c06aaea19254b873f668
c75ca2c25e69eab417e7f02da4ffaa1be58d03819c2b62ae15c93ee5d56e9d58
c881c022703036e784b8c0b1856c3784fe5db36d5eb066ca7e30d7a763d6882e
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cee3e4d999319151b1cfb268b0df749fdadf1ddc8ffe750172655f691c24d9aa
cf88436d87ccded89fe4b4b68215f43d5aace1e63893c1a32558e5e3eacf16c1
cfc7e56f36db32b12566a7e41e5bb4af76b8e071097c2095b0c4d0cf94ce7f16
d253a2c36f4718fb19e763572aaa9e12b2816768f2f44d6b86b895ac03b84630
d27ffc19fa97ac2f4f330f8fc1dc9e62d2893d7dbea11e77dcf690bae7ecb0a2
d6a664910b67e163066d3c17c5c7917c9ea69a4ed9ed546abdc7d2e39fa4259e
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7bd1344379eb2ac9631066d92e8675977cfdac8dd9ce4b751c01c3f13725a87
d91df04f8981b608aab63a3ed5e8f022b86fe704f9562ffce1fb5a49f8cd47cd
d93363292840cac5afb90a6018788197423d254c785f5c66b44d64834f054364
d9774f047203a7e3ea234c76f907b23747d48a0316e70d8a185f0be49e23b217
da93b400ca2b4f825acd54d23494a67cb8038174a310659e4796aa394a1130bf
dbbc6e4c702b76f6915141b94a57e8844498f6c27a78c64cc2d73f9bc80b0c22
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc52657c66bba49f9185b978b9c1dc4550304a0115c7aa6cc8dc2d2d4151fd62
dcbc2524bcb15a49033c34984bab661375ed09f1f7d24ec4d8d28c9cebcbdc0a
dd6cc76beb0e7edb20e62f556d3e8e65831249f047508ec8d6f7782a19238f16
dde11429855ae6bef01854938b46fdeec6514ae8c99ac7066453ec9b9fa1b3cd
df3026d4128d539db08ce599956c426927aa513f2278d801ce8846f91e05f491
e1b05ebd3a8c059b87c715747038e1c70edaaf976b58a15f2868c528ee71e1a6
e1ddbe85c8992796744327d5f40ee59e7d55cb37446cff940362bdcc04be0a57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41533d5c6eab361631aa3cf8bf7b8a2e6babfcc42a1aa950b2b0cd80c109b8f
e55ee5826df8d2dd28559673a3ca87b16fdfdff65dc665cff4e8a2c8148695a1
e698dba9144a138fa69c3bbe1f6da7626c87e5ce8a1b7359d0cf05e1719bfa87
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e81f19c411ca426eb18545f42ad86883f22d74066813e555614c6e9c154a6aed
e922201b5fd5f85d1dff2d68cb5a22e654de317b1a9377ab0fa95ebb8c9700b7
e944bf269bf7b8d011ebc6ba0d5c1af40a6f5c5613758c05ba752f2c64fcf642
e964e65af00fd11b434cb31ad3fed557af38e83004d5a081faa4fb04d2c57697
e98579d15526df6c518182d62a1761d38a82caccaddfdd1a1c1f48ee12b78897
e9f902321d42242e7879e420fe750a362106a924e6ae4753334284d233267095
ea3caa9b7b9cbc15edc860316fbaeb9690a9cd0dcb45c3d6f1481a1962d08d78
ecb71531224ec608a4f8b0cf1f11ce072541fec902cf144531fce0d400377f06
eec6e4163995153f7167a647f632cc32044486a00d9003c2597af06b5e5dde4c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d504c3f8d555194364d8bbc5e294f595d0a10857d42fcac22cd324cb5ebfc3
f1894eb6a1888da1ea36bf6c34e61186ff85cd2f3350c567561a1ab280ae942a
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f386fb273c9d5a5556496dd64ec4bdb6cb40321b50491020db839c313b2a8674
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f46d71343a1274012614131a5bc57b7c7c5cc1147f1e113009214222c55fbe45
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f686c0ffc4eabec34e038d5a871a23f9d8a0fa3a89c3a44cb95b73a1ae706cd0
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f954b593b86bee3f385eae6cca41e6850ef74815d4dc02d192b5aeeb8cb10489
f9716b26933c14d1ec471f31afd212af235ca7a62668b1c5509440de6ae99a2e
fa3906e491d583007242182788dc9f878a4f545cbed228d324039124c9673884
fa97461ac082343d29391e63c42a0408bafa92665618d10ac16397bea10fbc96
fcdb8271bf8bbee00cde6e546f7c648a743d92d974dcc6374050031e9b74d616

toadgivesback.travelonadream.com Open in urlscan Pro 35.209.197.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

450 Requests

84 %HTTPS

73 %IPv6

36 Domains

50 Subdomains

41 IPs

3 Countries

25525 kBTransfer

40385 kBSize

10 Cookies

4 Outgoing links

Redirected requests

450 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

toadgivesback.travelonadream.com Open in urlscan Pro
35.209.197.61 Public Scan

Screenshot
Live screenshot

Full Image

450
Requests

84 %
HTTPS

73 %
IPv6

36
Domains

50
Subdomains

41
IPs

3
Countries

25525 kB
Transfer

40385 kB
Size

10
Cookies

450 HTTP transactions
1 data transactions