bluestarfam.org Open in urlscan Pro
2606:4700:3037::ac43:d4c4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bluestarfam.org/
Effective URL:
https://bluestarfam.org/
Submission: On January 09 via manual (January 9th 2024, 7:16:00 pm UTC) from US — Scanned from DE

Summary HTTP 332 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 46 IPs in 4 countries across 30 domains to perform 332 HTTP transactions. The main IP is 2606:4700:3037::ac43:d4c4, located in United States and belongs to CLOUDFLARENET, US. The main domain is bluestarfam.org.
TLS certificate: Issued by E1 on December 9th 2023. Valid for: 3 months.

This is the only time bluestarfam.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::6815:5b4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
112	2606:4700:303... 2606:4700:3037::ac43:d4c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1486	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
18	76.76.21.142 76.76.21.142	16509 (AMAZON-02) (AMAZON-02)
1	172.67.23.169 172.67.23.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	18.173.154.101 18.173.154.101	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26db:7600:4:397a:df80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	18.209.122.234 18.209.122.234	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6812:1b32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::432	54113 (FASTLY) (FASTLY)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6812:c55f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	67.205.187.203 67.205.187.203	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	107.23.86.50 107.23.86.50	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26d... 2600:9000:26db:5800:1b:348c:b140:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
5	2600:9000:26d... 2600:9000:26da:7e00:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.36.51 108.138.36.51	16509 (AMAZON-02) (AMAZON-02)
26	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:7c49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:225b:3600:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:401... 2a00:1450:4013:c02::5c	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
3	34.210.103.90 34.210.103.90	16509 (AMAZON-02) (AMAZON-02)
1	198.202.176.81 198.202.176.81	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
332	46

1 2606:4700:3036::6815:5b4f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bluestarfam.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

112 2606:4700:3037::ac43:d4c4 (United States)

ASN13335 (CLOUDFLARENET, US)

bluestarfam.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.bluestarfam.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1486 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.76.21.21 (Walnut, United States) 2 redirects

ASN16509 (AMAZON-02, US)

chatfast.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 76.76.21.142 (Walnut, United States)

ASN16509 (AMAZON-02, US)

www.chatfast.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.23.169 (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.guidestar.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-101.muc50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:7600:4:397a:df80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.informz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.209.122.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-122-234.compute-1.amazonaws.com

bsf.informz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1b32 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::432 (United States)

ASN54113 (FASTLY, US)

websites.cdn.getfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:c55f (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.205.187.203 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

api.chatfast.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.86.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-86-50.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:5800:1b:348c:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)

r.wdfl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

files.doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:26da:7e00:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-51.muc50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7c49 (United States)

ASN13335 (CLOUDFLARENET, US)

pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225b:3600:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4013:c02::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.210.103.90 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-103-90.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.202.176.81 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
113	bluestarfam.org 1 redirects bluestarfam.org connect.bluestarfam.org	6 MB
54	stripe.com js.stripe.com — Cisco Umbrella Rank: 2656 q.stripe.com — Cisco Umbrella Rank: 13887 r.stripe.com — Cisco Umbrella Rank: 6573 m.stripe.com — Cisco Umbrella Rank: 2365 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 12870	1 MB
52	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6 pay.google.com — Cisco Umbrella Rank: 3910 play.google.com — Cisco Umbrella Rank: 95	1 MB
25	gstatic.com fonts.gstatic.com www.gstatic.com	690 KB
22	chatfast.io 2 redirects chatfast.io — Cisco Umbrella Rank: 940755 www.chatfast.io api.chatfast.io	352 KB
15	classy.org sdk.classy.org — Cisco Umbrella Rank: 85421 prod-frs.content.classy.org — Cisco Umbrella Rank: 83338 pay.classy.org — Cisco Umbrella Rank: 99202	1 MB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115 firebase.googleapis.com — Cisco Umbrella Rank: 4828 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 373	6 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	495 KB
5	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 8113	141 KB
4	google.de www.google.de — Cisco Umbrella Rank: 4002	733 B
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	3 KB
3	doublethedonation.com files.doublethedonation.com — Cisco Umbrella Rank: 126484	134 KB
3	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 13022	242 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2891	16 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	69 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	informz.net cdn.informz.net — Cisco Umbrella Rank: 270215 bsf.informz.net	23 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 5941 heapanalytics.com — Cisco Umbrella Rank: 4932	37 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 1107 p.typekit.net — Cisco Umbrella Rank: 1464	983 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1219	31 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 25631	43 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1326	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 52566	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1429	7 KB
1	wdfl.co r.wdfl.co — Cisco Umbrella Rank: 53118	5 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 1095	149 B
1	getfeedback.com websites.cdn.getfeedback.com — Cisco Umbrella Rank: 133765	41 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173	2 KB
1	mouseflow.com cdn.mouseflow.com — Cisco Umbrella Rank: 10750	19 KB
1	guidestar.org widgets.guidestar.org — Cisco Umbrella Rank: 70691	5 KB
332	30

	Domain	Requested by
101	bluestarfam.org	1 redirects bluestarfam.org
36	play.google.com	www.gstatic.com
26	js.stripe.com	cdn.transcend.io js.stripe.com
18	www.chatfast.io	bluestarfam.org chatfast.io www.chatfast.io
16	q.stripe.com	bluestarfam.org
13	prod-frs.content.classy.org	connect.bluestarfam.org cdn.transcend.io prod-frs.content.classy.org
13	fonts.gstatic.com	fonts.googleapis.com
12	www.gstatic.com	pay.google.com www.gstatic.com
12	pay.google.com	js.stripe.com pay.google.com bluestarfam.org www.gstatic.com
12	connect.bluestarfam.org	sdk.classy.org connect.bluestarfam.org cdn.transcend.io
8	r.stripe.com	js.stripe.com
6	www.googletagmanager.com	bluestarfam.org www.googletagmanager.com www.chatfast.io
5	cdn.transcend.io	connect.bluestarfam.org cdn.transcend.io
4	www.google.de	bluestarfam.org
3	m.stripe.com	m.stripe.network
3	files.doublethedonation.com	connect.bluestarfam.org files.doublethedonation.com cdn.transcend.io
3	www.google.com	1 redirects bluestarfam.org
3	fonts.googleapis.com	bluestarfam.org cdn.transcend.io
3	pro.fontawesome.com	bluestarfam.org pro.fontawesome.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.youtube.com	cdn.transcend.io
2	firebaseinstallations.googleapis.com	www.chatfast.io
2	firebase.googleapis.com	www.chatfast.io
2	api.chatfast.io	chatfast.io www.chatfast.io
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	chatfast.io	2 redirects
1	merchant-ui-api.stripe.com	js.stripe.com
1	code.jquery.com	cdn.transcend.io
1	pay.classy.org	cdn.transcend.io
1	cdn.plaid.com	cdn.transcend.io
1	unpkg.com	cdn.transcend.io
1	htp.tokenex.com	cdn.transcend.io
1	static.cloudflareinsights.com	connect.bluestarfam.org
1	r.wdfl.co	www.chatfast.io
1	heapanalytics.com	bluestarfam.org
1	sdk.classy.org	bluestarfam.org
1	region1.analytics.google.com	www.googletagmanager.com
1	insight.adsrvr.org	bluestarfam.org
1	websites.cdn.getfeedback.com	bluestarfam.org
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.mouseflow.com	www.googletagmanager.com
1	bsf.informz.net	cdn.informz.net
1	p.typekit.net	use.typekit.net
1	cdn.informz.net	bluestarfam.org
1	cdn.heapanalytics.com	bluestarfam.org
1	widgets.guidestar.org	bluestarfam.org
1	use.typekit.net	bluestarfam.org
332	49

This site contains links to these domains. Also see Links.

Domain
welcomeweek.bluestarfam.org
community.bluestarfam.org
app.viralsweep.com
vsn.eventbrite.com
nextdoormilitarymovers.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
www.instagram.com
www.give.org
www.charitynavigator.org
www.guidestar.org
www.hirevets.gov

Subject Issuer	Validity	Valid
bluestarfam.org E1	`2023-12-09` - `2024-03-08`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-23` - `2024-06-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
*.informz.net AlphaSSL CA - SHA256 - G4	`2023-03-16` - `2024-04-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.mouseflow.com Cloudflare Inc ECC CA-3	`2023-10-25` - `2024-10-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.cdn.getfeedback.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-10` - `2024-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
api.chatfast.io R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
www.chatfast.io R3	`2023-12-31` - `2024-03-30`	3 months	crt.sh
r.wdfl.co Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
snie5b5gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-05-17`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2023-02-08` - `2024-01-12`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://bluestarfam.org/
Frame ID: 4874239BD6C857ECADD12630D44C1E8B
Requests: 138 HTTP requests in this frame

Frame: https://connect.bluestarfam.org/give/474515/
Frame ID: 234063F32009FD9C7F9B9A0BC7616D05
Requests: 50 HTTP requests in this frame

Frame: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
Frame ID: 7E8B6A4712408A07D4CBBF627468E7BB
Requests: 28 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 2720D08440D58811D31D760E18E2E671
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-d1cd3e94a5430431bc215e394dc3220f.html
Frame ID: AE2E6100A9A2B40B26370F298AD272E1
Requests: 15 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html
Frame ID: FCEC124FDC44A76C3D8E9619924D0D57
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html
Frame ID: 1C6F5790349740D7199ADD9C06BAFC09
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html
Frame ID: 987C548A1F16EAB0F502918BA90B4366
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html
Frame ID: 3F4DF4D9FF2FDBA9510BEE9E69153A4F
Requests: 5 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 27D27890C46D4C015AB548E65C02EE1E
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 848E1BDAF528132DC895A2DAD08246AD
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 033D3A54C75E6173A7F3E8A8AFFB1957
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html
Frame ID: F5B918B176E804794596B7CAF959A163
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html
Frame ID: 4B5E145FF2016EFD2A5B43573296F3AE
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 7D733A9DC438214E3EA513F5C73B5AAA
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to Blue Star Families

Page URL History Show full URLs

http://bluestarfam.org/ HTTP 301
https://bluestarfam.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Clickbank (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Rewardful (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

332
Requests

99 %
HTTPS

68 %
IPv6

30
Domains

49
Subdomains

46
IPs

4
Countries

12501 kB
Transfer

28298 kB
Size

27
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://welcomeweek.bluestarfam.org/
Title: Welcome Week

Search URL Search Domain Scan URL

URL: https://community.bluestarfam.org/home
Title: Visit Blue Star Neighborhood

Search URL Search Domain Scan URL

URL: https://app.viralsweep.com/sweeps/full/14bcec-148872?framed=1
Title: Free MasterClass Subscription

Search URL Search Domain Scan URL

URL: http://vsn.eventbrite.com/
Title: Suicide Prevention Training

Search URL Search Domain Scan URL

URL: https://nextdoormilitarymovers.com/earn
Title: FINANCIAL RESOURCES

Search URL Search Domain Scan URL

URL: https://community.bluestarfam.org/events/calendar

Search URL Search Domain Scan URL

URL: https://community.bluestarfam.org/volunteer/be-volunteer

Search URL Search Domain Scan URL

URL: https://community.bluestarfam.org/programs/discounts

Search URL Search Domain Scan URL

URL: https://community.bluestarfam.org/communities/allcommunities

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BlueStarFamilies

Search URL Search Domain Scan URL

URL: https://twitter.com/BlueStarFamily
Title: 𝕏

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/1431100/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCpsrGTkH70wOUhqKS-9m3ZQ

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bluestarfamilies/

Search URL Search Domain Scan URL

URL: https://www.give.org/charity-reviews/national/veterans-and-military/blue-star-families-in-encinitas-ca-44552

Search URL Search Domain Scan URL

URL: https://www.charitynavigator.org/index.cfm?bay=search.summary&orgid=17724

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/profile/80-0369895

Search URL Search Domain Scan URL

URL: https://www.hirevets.gov/awardees

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bluestarfam.org/ HTTP 301
https://bluestarfam.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://chatfast.io/chat.script.js HTTP 308
https://www.chatfast.io/chat.script.js

Request Chain 129

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1314145835&cv=11&fst=1704827754385&bg=ffffff&guid=ON&async=1&gtm=45He4130v813160874&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbluestarfam.org%2F&label=https%3A%2F%2Fbluestarfam.org%2F&hn=www.googleadservices.com&frm=0&tiba=Welcome%20to%20Blue%20Star%20Families&value=0&auid=1383797309.1704827754&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=apudZaicIMyO78EPnJq06Ao&sscte=1&crd=&eitems=ChEIgPrzrAYQkbTW6cHVnIScARIdAMSJEBDMaN3JiIgxVN5q9WUubKXBhWAJlrL17x4&pscrd=Ek9DaEVJZ1ByenJBWVF2TkROd3VmX3NMZVBBUkltQUZMemZ0T3FyT3R0dFVyVHpQN2dLNC1zcENWd18yWlZxaldMNkNjNHI4dktJMWk4NF93GlhDaEFJZ1ByenJBWVFrZm5Za0xyZjdxQi1FaTRBNk44Yk1YUTlNbnh3eWRWa09lM1RDaU1iUVdBZ096c01maDdsc3N6elIxTElLNVVCLVF0aDU1eXpaQzI0IhMIqPnYpYLRgwMVTMc7Ah0cDQ2t HTTP 302
https://www.google.com/pagead/1p-conversion/undefined/?random=1314145835&cv=11&fst=1704827754385&bg=ffffff&guid=ON&async=1&gtm=45He4130v813160874&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbluestarfam.org%2F&label=https%3A%2F%2Fbluestarfam.org%2F&hn=www.googleadservices.com&frm=0&tiba=Welcome%20to%20Blue%20Star%20Families&value=0&auid=1383797309.1704827754&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1ByenJBWVF2TkROd3VmX3NMZVBBUkltQUZMemZ0T3FyT3R0dFVyVHpQN2dLNC1zcENWd18yWlZxaldMNkNjNHI4dktJMWk4NF93GlhDaEFJZ1ByenJBWVFrZm5Za0xyZjdxQi1FaTRBNk44Yk1YUTlNbnh3eWRWa09lM1RDaU1iUVdBZ096c01maDdsc3N6elIxTElLNVVCLVF0aDU1eXpaQzI0IhMIqPnYpYLRgwMVTMc7Ah0cDQ2t&is_vtc=1&ocp_id=apudZaicIMyO78EPnJq06Ao&cid=CAQSGwAvHhf_ormb0upEF1IdodaTJYa7AjfK0S0S0A&eitems=ChEIgPrzrAYQkbTW6cHVnIScARIdAMSJEBBhEdAqiLYxNxr_0xHDm9gMZVkVPbm4NbU&random=2573989685 HTTP 302
https://www.google.de/pagead/1p-conversion/undefined/?random=1314145835&cv=11&fst=1704827754385&bg=ffffff&guid=ON&async=1&gtm=45He4130v813160874&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbluestarfam.org%2F&label=https%3A%2F%2Fbluestarfam.org%2F&hn=www.googleadservices.com&frm=0&tiba=Welcome%20to%20Blue%20Star%20Families&value=0&auid=1383797309.1704827754&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1ByenJBWVF2TkROd3VmX3NMZVBBUkltQUZMemZ0T3FyT3R0dFVyVHpQN2dLNC1zcENWd18yWlZxaldMNkNjNHI4dktJMWk4NF93GlhDaEFJZ1ByenJBWVFrZm5Za0xyZjdxQi1FaTRBNk44Yk1YUTlNbnh3eWRWa09lM1RDaU1iUVdBZ096c01maDdsc3N6elIxTElLNVVCLVF0aDU1eXpaQzI0IhMIqPnYpYLRgwMVTMc7Ah0cDQ2t&is_vtc=1&ocp_id=apudZaicIMyO78EPnJq06Ao&cid=CAQSGwAvHhf_ormb0upEF1IdodaTJYa7AjfK0S0S0A&eitems=ChEIgPrzrAYQkbTW6cHVnIScARIdAMSJEBBhEdAqiLYxNxr_0xHDm9gMZVkVPbm4NbU&random=2573989685&ipr=y

Request Chain 138

https://chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true HTTP 308
https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

332 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bluestarfam.org/
Redirect Chain

http://bluestarfam.org/
https://bluestarfam.org/

158 KB
29 KB

180ms
142ms

Document
text/html

2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

195d4f9cff3526d6b48baf91b62185f21be61c9bd0fdd4b17bb19165724735e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, no-cache
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 842f02ef8d446f6a-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:53 GMT
link: <https://bluestarfam.org/wp-json/>; rel="https://api.w.org/" <https://bluestarfam.org/wp-json/wp/v2/pages/460481>; rel="alternate"; type="application/json" <https://bluestarfam.org/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qw2YK4rxEEc8W22RTHqlnFNhBIJdV4PP3t4daNcloCO2DA%2FB%2FiWTkGEK83JpotSoKOZCEkHRn26KDmCC12dxqHxEtbRAOmKQW7XZKanjs%2BwoyU%2FdDn2ceV4KSfDe1ac0scwfufT%2BBWV6hqbvR34%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-grid-srcache-fetch: HIT
x-grid-srcache-store: BYPASS
x-grid-srcache-ttl: 2592000
x-tec-api-origin: https://bluestarfam.org
x-tec-api-root: https://bluestarfam.org/wp-json/tribe/events/v1/
x-tec-api-version: v1
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 842f02edbea11c08-AMS
Connection: keep-alive
Content-Type: text/html
Date: Tue, 09 Jan 2024 19:15:52 GMT
Location: https://bluestarfam.org/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pre-Cognitive-Push: Enabled
Quantum-Flux-Capacity: Omega
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=172wFC9AQT4kBwLqS3o9in26krPR9PyRBbJKetryNcZskP7USaiq9GNjtFAJXQzcutuhmKCm9HEfDOmp7T%2FWWFewMjvJ0LGKoAGV%2BwKdT1WVCVMc3YF1VV2C8VEb1iXnD2mVk5QiyU69DWtGRzg%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400

GET
H2 200 flashblock.css
bluestarfam.org/wp-content/plugins/compact-wp-audio-player/css/ 4 KB
2 KB 454ms
446ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/compact-wp-audio-player/css/flashblock.css?ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25091b162ee2b14bd391b9a4859befc19217d031178cb0d70c23c37a198537a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 Apr 2023 02:33:19 GMT
server: cloudflare
etag: W/"64488d6f-e5f"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWmzoQmeJmYPYT4Yi94E8CddtVeg1pKoFhTExGCW2dryG1qBg0F6aix7vcdvPkgXrx0NbFuXoMeWleVn1tOGK7FJFHq4Qb22svqt%2FVc4sSFQ%2FX6WRLjDRA2HJft0Sbmx0aMxS6XFL75JqXoYI60%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f07edc6f6a-CDG

GET
H2 200 player.css
bluestarfam.org/wp-content/plugins/compact-wp-audio-player/css/ 1 KB
590 B 462ms
454ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/compact-wp-audio-player/css/player.css?ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5820372f57efa4c8e03770baca675ee59ba259fa417e5d9d033cde673c8252

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 Apr 2023 02:33:19 GMT
server: cloudflare
etag: W/"64488d6f-464"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRFRhsQdIYKuF5Gf7rpPl%2B0imZ2M2SrE%2F9IGbIA%2BDV9kng7e0IVOLDmx5prhUgndBzKPg53VRoypLsUuFHm07CqupCmcxvX7Lvdpzavf09gZxOPYgx1SVphMS4yP69vtUNEnzi0p0GFfmZq9rNI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f07ee06f6a-CDG

GET
H2 200 tribe-events-pro-mini-calendar-block.min.css
bluestarfam.org/wp-content/plugins/events-calendar-pro/src/resources/css/ 655 B
634 B 456ms
449ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css?ver=6.2.4.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2d330f53cdfd25a188faebfc07535a76190bcc529946b09c74d0971e84b53cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Nov 2023 07:33:57 GMT
server: cloudflare
etag: W/"65547465-28f"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSRexgmZkbamDH3s2lZl9lpUqsY2tF40XdaXoVYzzHraQo%2B1Ots2%2FcBNenuzDm3hA10rkUcqwuoOxSZcfrTki6PmVDBHZB5LnoT4ld%2FHAZ7NE%2BmGAgM2L4dnQlkSWqaio0t1XADBspdCktmwhpQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f07ee16f6a-CDG

GET
H2 200 variables-skeleton.min.css
bluestarfam.org/wp-content/plugins/the-events-calendar/common/src/resources/css/ 5 KB
1 KB 457ms
449ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/the-events-calendar/common/src/resources/css/variables-skeleton.min.css?ver=5.1.17.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e23f8023485c7cd75bfab4571211d8853189f20d5fd45a520b123961b5bfcac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Dec 2023 07:33:36 GMT
server: cloudflare
etag: W/"657c0150-1288"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTtcQ7lIe%2F%2F7PjaCPvaT%2Fo2UrOM10GlxxS0PuJMb0I3O%2F1xzmNKy%2FNU12NB38UH1bWIW0RIOaPhWvvXa1%2BDj7iM4R57YEM6qJlcosAY2idnq5ccJkhMPqs89yZfzxPB%2FSd1y5iSgmRaqItcdqN8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f07ee26f6a-CDG

GET
H2 200 variables-full.min.css
bluestarfam.org/wp-content/plugins/the-events-calendar/common/src/resources/css/ 2 KB
850 B 452ms
445ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/the-events-calendar/common/src/resources/css/variables-full.min.css?ver=5.1.17.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3627f68f6c26f51208590c177f7d866a7ef8a8bb72f35a8773adf0333e1ba634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Dec 2023 07:33:36 GMT
server: cloudflare
etag: W/"657c0150-6d1"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vr%2B0dnpRSGnk8lkhZUlev7MGOQwtHeUYjba7EOYbJ7jWvQohRT3rJ%2F26odO8yTtLFMa1%2FYBsTo4Km4X4OyyEelhNE2ZS5lpwxOYPyj9Jl3oVQUEMRyzWhNTTcmaE8qbY8eizji0Xy1uVp0lO%2Bc4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f07ee56f6a-CDG

GET
H2 200 common-skeleton.min.css
bluestarfam.org/wp-content/plugins/the-events-calendar/common/src/resources/css/ 14 KB
3 KB 454ms
446ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=5.1.17.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bb67e76c593968c1397d0bf91ba43f1438350d7e79f790f9324937e4d2e97ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Dec 2023 07:33:36 GMT
server: cloudflare
etag: W/"657c0150-36af"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyZNSCK5565nYDL%2BSMec9%2FaI0%2BNfNT49RjERVCgqpmwAqzROlMWv7F%2BdwLDpRHZLyrPVpbx4CyUChMMKaPIaWRqz2ALdQYVUHpnPLIZ0QXHOx345cVjTzw60mOSeLKCrN0gkhcxagP%2BBLtuOLfs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f07ee96f6a-CDG

GET
H2 200 common-full.min.css
bluestarfam.org/wp-content/plugins/the-events-calendar/common/src/resources/css/ 39 KB
4 KB 463ms
455ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/the-events-calendar/common/src/resources/css/common-full.min.css?ver=5.1.17.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db07c15b1653846bffbcefd8e4dc15c5bf3d31bd7ccbecef025fd1fb2be6dd78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Dec 2023 07:33:36 GMT
server: cloudflare
etag: W/"657c0150-9b5a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5P5DXeBnNWW43KDFkT8xaKwwYIpzR0hJpUioEr%2FtIpeQVD3pcV2w7kQwq4ep6OvP%2FEEeuisBwpgnHa83VqixYb9VN6IEgBYD5KSZU4y9YccAqZ0za%2FXu49bb7j7JX5bRAAogF9oaXE5nTO5y84%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f08eee6f6a-CDG

GET
H2 200 bootstrap-datepicker.standalone.min.css
bluestarfam.org/wp-content/plugins/the-events-calendar/vendor/bootstrap-datepicker/css/ 16 KB
3 KB 455ms
448ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/the-events-calendar/vendor/bootstrap-datepicker/css/bootstrap-datepicker.standalone.min.css?ver=6.2.9.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c035d8b5700deffd13fd18f59689985addc3658edcc0c439dca7e0352cb993e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Dec 2023 07:33:36 GMT
server: cloudflare
etag: W/"657c0150-4044"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Et8R9%2BvFs5rPuSxVarXUWBxv4C3rXilfX7O9V7afWKTonm79mGTR%2B7M77VhNlLA3lTGUDY9EcS%2F4ivHqCOoSMHPqzlt%2FOTdDAWOZn6KcHxipvPEuG1Ai0sCXKkGFJOpGERs45HYAh57LP0pkpa8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f08eef6f6a-CDG

GET
H2 200 tooltipster.bundle.min.css
bluestarfam.org/wp-content/plugins/the-events-calendar/common/vendor/tooltipster/ 6 KB
1 KB 460ms
453ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/the-events-calendar/common/vendor/tooltipster/tooltipster.bundle.min.css?ver=5.1.17.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Dec 2023 07:33:36 GMT
server: cloudflare
etag: W/"657c0150-195f"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQbSNqNuG21Ma%2F%2Bl3FZ16Vx%2FbchC978gv0qIx8uObFw6bNa2gd3crmqIJ8FoWK2%2Fu5v5WqH14kfWbO5F3CxTda7RE3Cm4ve0YZ1R5u1r0NTLtDGFEYEQPmYAB6Z%2Bu6nqwL6Os0Wlcpfg55lufyg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f08ef06f6a-CDG

GET
H2 200 views-skeleton.min.css
bluestarfam.org/wp-content/plugins/the-events-calendar/src/resources/css/ 48 KB
5 KB 454ms
447ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/the-events-calendar/src/resources/css/views-skeleton.min.css?ver=6.2.9.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85d66775a49c9ba1f119c496b82b6751685757af939a5e6962f18af2c660c51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Dec 2023 07:33:36 GMT
server: cloudflare
etag: W/"657c0150-bef8"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2btmIh5mKVaK92LEKUens3DTgST2eXdsIVO8jt3ml8PF9TyZETbHlhFBmjbR3DAE11V1OT%2BvkdB%2B684EWWo0YEfOU6cOpwwMzVo1%2BJ7u7uqLJeAfu7rSVNw4oHLfxu4P1lZlTif10vq6kBUOaoU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f08ef16f6a-CDG

GET
H2 200 style.css
bluestarfam.org/wp-content/plugins/tribe-ext-events-control/src/resources/css/ 9 KB
2 KB 470ms
463ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/tribe-ext-events-control/src/resources/css/style.css?ver=1.3.0.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6096cc3962efcd83d5ef5a0fd01a5f6ed0903566b03d86a1f27cc346a149e6a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Jun 2020 17:01:07 GMT
server: cloudflare
etag: W/"5ef4d853-227b"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nh2UpgI7PRK9U4x5xpeTRP5kvy0vmLlUc7%2BRswadWXuHneoMvIDXrm2B5GN2ijE6ir1iqwGCPyTp%2BzyB8nc2zpbzorIUmrIys8LUUxbLG%2BNdTOQPn%2FjxTWr6Z%2BO28sJybSMPb1onr1FHititGIw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f246f6a-CDG

GET
H2 200 style.min.css
bluestarfam.org/wp-includes/css/dist/block-library/ 107 KB
15 KB 478ms
471ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 07:33:59 GMT
server: cloudflare
etag: W/"654b39e7-1add3"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dw%2FyZkVvXS1%2FaRe80cJn45ZE6IY3dhodkBE8VRTsCVP8egqtH0aPejX1%2Ff4lgQSSj3zXRATCc6ahCOK3n2wX5Pk8G3wQ8qabjnRGO%2Fo1gyx%2FdfUJO1gkJ5y7AqKPXstWmcKNue4Y4aDW0jGIsYM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f286f6a-CDG

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.15.4/css/ 170 KB
32 KB 544ms
511ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.7.4.2.1704827336
Requested by: Host: bluestarfam.org
URL: https://bluestarfam.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89b2462070a1a639c693794bc1d8d9131e6eb9274fc7fb0fb854943e58940a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 04 Aug 2021 20:57:37 GMT
server: cloudflare
x-amz-request-id: YTJ6FJE6GHXYRSH2
etag: W/"21f9f9f41222c9f2acec907529ea35a1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556926
cf-ray: 842f02f0a9bc71d6-FRA
x-amz-id-2: Ggixdp+C5YKMaIUOyJZOpMwn+bnCR4U35elCpsIpmBN3FyxzCi04FtRnEKY2HVF/cdk2SotijH/UR6drQyL3pw==

GET
H2 200 jquery.magnificpopup.min.css
bluestarfam.org/wp-content/plugins/bb-plugin/css/ 6 KB
2 KB 463ms
456ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.7.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b698d7d63c8c236cda0499131978654fa884f24df6755f7b6909e5d784e096db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 07:33:28 GMT
server: cloudflare
etag: W/"6583ea48-169c"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ougDcEqoqXixIJJNGO0M%2FuogmdBLXvB5C3qwOzyET98lZXty82DyrJH2tm11UMD5Fl41UjFQSXlIIqHwqGh8y0JSfKHcnxavx8m94etsrIzOSuf8h372kteRthsAGfbDp%2FKSqyI%2F5lPaxQz3Qqs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f2b6f6a-CDG

GET
H2 200 owl.carousel.css
bluestarfam.org/wp-content/plugins/bbpowerpack/assets/css/ 5 KB
2 KB 461ms
455ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bbpowerpack/assets/css/owl.carousel.css?ver=2.34.6.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaf08be6ae4ed211293a6d4280e2d052e1f332eb0066a0dc0192fd8a3a9f39d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Dec 2023 07:33:46 GMT
server: cloudflare
etag: W/"658d24da-1288"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jeyo2Pv9ig0HJ56xuGnPzDc%2BWLwJE122Iib5oE6SqVaEFWo7P2eYNWxRuM95PdifYLdurW4fOJd8O1sWHEWg2cjtu8mdP7MirruboC%2B4ACV2EOW1mDz6pVyEtSuJeH6JBztEue%2FVX67tO%2FtKEho%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f2d6f6a-CDG

GET
H2 200 owl.theme.css
bluestarfam.org/wp-content/plugins/bbpowerpack/assets/css/ 1 KB
1002 B 471ms
465ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bbpowerpack/assets/css/owl.theme.css?ver=2.34.6.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d7055ec6af6954d2df80c0ab274b4e4362dcd9f35a184d74ba923ecb0501df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Dec 2023 07:33:46 GMT
server: cloudflare
etag: W/"658d24da-564"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vnbv7uuvT8tTk5SmvxF1cCA8EStD61APtTKgB7I2RCuIRwqUHjjGyMtUNm12g8mTf7FeT1cu82Bj3aDmQsEeiG7VZx4kldNw5vnwLZTdSqPh7lMNDYmQGjh3mMkRJOY%2BHRjaCrV1R8WH5ME%2B4R4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f306f6a-CDG

GET
H2 200 swiper.min.css
bluestarfam.org/wp-content/plugins/bbpowerpack/assets/css/ 19 KB
3 KB 465ms
459ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bbpowerpack/assets/css/swiper.min.css?ver=4.4.6.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9862db80a9849617c4f83bd7006d79a6e9b395710a489c1d49d08fb68fc0b9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Dec 2023 07:33:46 GMT
server: cloudflare
etag: W/"658d24da-4d43"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiyo1G4n2H7FkmVQ95DWfWHMmU0jxanFZOHPHL2jA%2FIjRy23nr5pkhouZCnuGOl1%2BTFGgV5rhdstzfk4NeCpTbZoZ%2Fel1lOr%2F9BlMHmxpQ%2BXTaytZtBrXNROXY8WkCIoA2wZjFIAXpO8ZpS%2FywY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f326f6a-CDG

GET
H2 200 460481-layout.css
bluestarfam.org/wp-content/uploads/bb-plugin/cache/ 150 KB
19 KB 568ms
562ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/uploads/bb-plugin/cache/460481-layout.css?ver=16feb8825e49811194f180afab7c27f6.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9318367c1965609f970e3a7de1d648dea4348c68f5e8f5a2aa878bd4ede5acf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Jan 2024 18:57:15 GMT
server: cloudflare
etag: W/"659d970b-25717"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlbhS3F3sugHTvBQgpWMegn8YDebqZWd8y%2B72fl8d1S9Q7D1JjeEXYA%2Fjeq2iUq1mI99mRBcwgGl4%2BIURopYVecrsUdGyQAuf87nDK8z2T0BN56WTJ%2BCWNBlmXAUN4Ox9ShSSLQmM2FjAhRpsVU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f336f6a-CDG

GET
H2 200 better-gf-styling-public.css
bluestarfam.org/wp-content/plugins/better-gf-styling/public/css/ 4 KB
1 KB 462ms
456ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/better-gf-styling/public/css/better-gf-styling-public.css?ver=1.0.0.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e28f4de5e6bb79a8183390fbc45ce11f9355ca403e6872c2da45624e4d087940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Dec 2018 13:48:22 GMT
server: cloudflare
etag: W/"5c126326-ff5"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZC3RX0wyS1V%2BQsNahkb%2Ff%2Fh4WCk%2BmIyqnADArY2TtynZCmczviDOBJ1Qq4tB6yDr%2FfCvDLntBLznFdSCApNZkMlhEcXG%2F%2F1XoElezWaLLiU%2F5tP3%2FxLclJUoFqdqk63Oz58JzsmVVId4gZfozm4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f356f6a-CDG

GET
H2 200 events-item.css
bluestarfam.org/wp-content/plugins/bsf-custom-functions/includes/shortcodes/shortcodes/events-item/ 1 KB
807 B 465ms
459ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bsf-custom-functions/includes/shortcodes/shortcodes/events-item/events-item.css?ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856b6c9d5ee86760fd35d21ad2e70279dd9c637a4196ea870cfc904cae7a8d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jun 2020 00:56:45 GMT
server: cloudflare
etag: W/"5ee96a4d-566"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMVh9qXp%2BjO9qO7fg6IPk%2FWPSHvddGYNnQ5Db51QtbAix7yaUs9iwijyU5CGz7SzSTXdBeNEYogWmSdssheqLYWmYvuZja0fnbOEEGsbpIDZp6VyUAWwTSf9f8zBYLuXAKjRG50cYtH%2F8KXFVRs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f366f6a-CDG

GET
H2 200 events-single.css
bluestarfam.org/wp-content/plugins/bsf-custom-functions/includes/shortcodes/shortcodes/events-single/ 1 KB
829 B 462ms
457ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bsf-custom-functions/includes/shortcodes/shortcodes/events-single/events-single.css?ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23cd82040a2b3d27b2d3dc221cf3a249c40f6b134b22a1ada4e6cc9dba526115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jun 2020 00:56:45 GMT
server: cloudflare
etag: W/"5ee96a4d-4e8"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXOwPxNdzGG5Quf1yI8AI6CXtVG9yym5jeKZ747SHrCF5ovm43ktfQvejEQdReU6iedbWBAOnlMgXBDPub4g3JwlcqzikImON8htvo4Vor5skvK09YQj2gtF3%2BEFDZUnZhVUWHK%2BD1Q2SeVlue8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f376f6a-CDG

GET
H2 200 header-search.css
bluestarfam.org/wp-content/plugins/bsf-custom-functions/includes/shortcodes/shortcodes/header-search/ 401 B
557 B 463ms
458ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bsf-custom-functions/includes/shortcodes/shortcodes/header-search/header-search.css?ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8293ca7c1f9d0b8655a80e98cbb26f03642db1522bf660cd179796e318b9ec90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jun 2020 00:56:46 GMT
server: cloudflare
etag: W/"5ee96a4e-191"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnC2kKgnUOL3F0YKsyv%2BblCQ9AynKcHszGyn%2B5fizgPhIBn2uzKGwY11Bg0xYaAP3hPL76bDPhDe83veYlD31JZUQRba%2FxeIWlNdeP%2BYWu%2F2yHgWocdw61yhtmc3%2B6cUBp6w9INq9l9PCZQ%2FSTw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f396f6a-CDG

GET
H2 200 jobs-single.css
bluestarfam.org/wp-content/plugins/bsf-custom-functions/includes/shortcodes/shortcodes/jobs-single/ 668 B
597 B 463ms
458ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bsf-custom-functions/includes/shortcodes/shortcodes/jobs-single/jobs-single.css?ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d501be548fceb5b09d8ab38753c1e0da4a851334d9edd993bc9863c5588078e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jun 2020 00:56:46 GMT
server: cloudflare
etag: W/"5ee96a4e-29c"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkDcsXD%2BP8W91DW%2FKPSnaHGB9%2BslsSlbGUGN6Pilo2Ts1Gz9Nexzikg%2BHF%2BcIpijNxi0p%2FLvJ%2FxBg6khKGwpoEY9%2B6zqNh%2FAV6iqsex%2Bk4GgI5oDhjTm6NP%2BYNmeahv9jA4UTVakKjNH0gSP%2BQs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f3a6f6a-CDG

GET
H2 200 location-menu.css
bluestarfam.org/wp-content/plugins/bsf-custom-functions/includes/shortcodes/shortcodes/location-menu/ 323 B
631 B 465ms
460ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bsf-custom-functions/includes/shortcodes/shortcodes/location-menu/location-menu.css?ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da500885d9a5d8907f9c6cb3af02abd605a4a99f519c606ee6c808b78d330351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jun 2020 00:56:46 GMT
server: cloudflare
etag: W/"5ee96a4e-143"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=At1vzGG75rPCbr9%2BiNsRqpwMfNy4hpoRBgOPvXuftPzJbgYpDvpV8sdb36Y%2BuHXEPmXk5DwKo%2FjHC6waBRvgAhcNOwmB4ojvrU%2F1XpBPkBMMA6jJkjgHqaLj9FSokENntAVGRg1LGDc6T9k97lc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f3e6f6a-CDG

GET
H2 200 jquery-ui-aristo.css
bluestarfam.org/wp-content/plugins/search-autocomplete/css/aristo/ 43 KB
8 KB 477ms
472ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/search-autocomplete/css/aristo/jquery-ui-aristo.css?ver=1.9.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2187f72b8b1e37450b2135c7c440aaa27177245f39e0c7c1c55b978190159a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2017 02:15:03 GMT
server: cloudflare
etag: W/"59b9e627-aad5"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqOxN0MgZOvusfgKowy1xnLc2zTwarO0LWqLap%2B2Hmzo1WLxJR3uhwWjPZZySyGLv5%2Bgchgwro%2BRdZaGm9dhRQ23z%2F7J4tJYO8ADjaiWn84lwGVnl5L0ALGbKjiU8ez0o10M0R4EAa1gjd6sVb0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f416f6a-CDG

GET
H2 200 sfwp-connect-public.css
bluestarfam.org/wp-content/plugins/sfwp-connect/public/css/ 98 B
460 B 466ms
461ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/sfwp-connect/public/css/sfwp-connect-public.css?ver=1.0.4.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 02:33:24 GMT
server: cloudflare
etag: W/"631e9a74-62"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yeFSvuYyHQ%2BAmU5YFH35NGSUVHyHGCts0cdIPdpTgQYmC5rpc3rXnfGPwONqb1eUODmptVfF4mYCl%2F7XE6rkKPn16t9ZGm7k6LfTSav7YBe48iaYLWJvwrNvC9CR0Oi06dXIultNvoaUxBgzhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
cf-ray: 842f02f09f456f6a-CDG

GET
H2 200 general.min.css
bluestarfam.org/wp-content/plugins/untitled%20folder/public/css/min/ 3 KB
1 KB 465ms
460ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/untitled%20folder/public/css/min/general.min.css?ver=2.7.0.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3831aabe664a6d2c2ee8e80ffdd164e253973907776df96368eca49385f56d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Feb 2021 19:13:31 GMT
server: cloudflare
etag: W/"601852db-de9"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGmUIQnpg5mrL0Sq1iJFcIax8eXReKeq9oyzwbs5kL0J%2BaoYPuSFMHjQkONV0ggvZJXm5YTKnNn33bWF2ORNnXq0RUbd%2BPEGWGZ5IXYFqVsm5ShtPansQkGHdxYIOeFsOEPlqVr6oE3G7m60w9Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f496f6a-CDG

GET
H2 200 v4-shims.min.css
bluestarfam.org/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/ 26 KB
4 KB 473ms
468ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/v4-shims.min.css?ver=2.7.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 07:33:28 GMT
server: cloudflare
etag: W/"6583ea48-684e"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TL1d92ufnItsmdie%2BEzlOG080gpfycT5q%2BhHmvKH21FbrgDH8OjWTb3JGwnbq3%2B4nNPYiM1jEVDWpLO7ZJHWD3%2FmPZrxwBo0MX3OHu8fsK9QwxpPIZ5ZkFl0qWv7HgpenxSSBMHDKG8zrpo4Egc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f4d6f6a-CDG

GET
H2 200 6da3c6f6a65610715aba87b1b643acf5-layout-bundle.css
bluestarfam.org/wp-content/uploads/bb-plugin/cache/ 47 KB
7 KB 980ms
976ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/uploads/bb-plugin/cache/6da3c6f6a65610715aba87b1b643acf5-layout-bundle.css?ver=2.7.4.2-1.4.9.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53633f3468c005d89a6cf7012e549fc545dda158f75263bd882f303fd8a60fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Jan 2024 19:06:39 GMT
server: cloudflare
etag: W/"659d993f-bd2e"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cts7WW0Yi625II7xngz28VgmkrH9%2BLa7M%2FNqESlp3iRCEBGKdwZG07notnlNBYj3pap6ioYYH0igUeOGTQq9rx6EkUwOzreKOQKNc%2FoHcC36LJ4P7gadbxRwqaftPPOvW27xWUFnL9nciZBroY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f506f6a-CDG

GET
H2 200 style.css
bluestarfam.org/wp-content/uploads/maxmegamenu/ 196 KB
14 KB 577ms
573ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/uploads/maxmegamenu/style.css?ver=3c6eb5.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f60afb2dcbdb8e5871e273a1ed205e0ebfff54749be56134d08ec509140c6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 22 Sep 2023 17:28:42 GMT
server: cloudflare
etag: W/"650dceca-31184"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChmiA370Jv97P9DVcclKYt7b3lHnAXw0fl5Q03BXWSz3KjAG4BKC2ukN2mSpJD3bK6FgngxwbexGWQMEnIfYMg8Wdd02YLv7VFVDFnJAUJ8If7esyMMi1%2BFBGeVWW1ahjr3tfZYDAebPGPmb654%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f516f6a-CDG

GET
H2 200 dashicons.min.css
bluestarfam.org/wp-includes/css/ 58 KB
35 KB 575ms
571ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/css/dashicons.min.css?ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 15 Apr 2021 18:45:05 GMT
server: cloudflare
etag: W/"607889b1-e688"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HIq837UPasdpznyramIp7bTpg68Z0HvKNy%2FqF6hJBJPcSUbJluIZk1GQlcH5TpT994M8MPJXOhEkwXddL0ozZxjWrjQo7SnLfw8g5TXEbWT%2Brvz5GX7hlhWgvJS1%2FpLreFUYCmef7qNwk0G0Hs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f526f6a-CDG

GET
H2 200 forms.css
bluestarfam.org/wp-content/themes/blue-star-families/css/ 5 KB
2 KB 468ms
464ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/themes/blue-star-families/css/forms.css?ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdb41bcfe02eb7205c13e008c8030984c1d59dc65f1653ce4332eb30c9296410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 07 Dec 2023 20:40:53 GMT
server: cloudflare
etag: W/"65722dd5-1588"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqNFjeFe%2Ffac0Qn2hCTLXDUWM3AiyiJIVG3Ow9fz6EI%2B9s5cTuZed0xUHdbwKDQ96wFACxpHu%2FrwrVUnavjoFQOQYKtO4L1L1MDs2M0mm8twct4B%2BGynxbGhj7zn1bTU%2BZIhI%2F1E7iK9FYCGeBw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f546f6a-CDG

GET
H2 200 bsf-custom-functions-public.css
bluestarfam.org/wp-content/plugins/bsf-custom-functions/public/css/ 3 KB
1 KB 471ms
467ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bsf-custom-functions/public/css/bsf-custom-functions-public.css?ver=1.0.0.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81f7672079b3bf3df4cb44dff16d384a7fbd7fd61439d3446541959aeb2444ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Sep 2021 23:16:37 GMT
server: cloudflare
etag: W/"61564555-bbf"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAlABSQSFmUpGeLDtYvA4btaKTy3n4W8apxPHb3bT%2BKQ2uRpCr2oaexRvnXclXrGiSK1oreHMST7gFQcPw5Agl76jXK1HlYkQGv8EsvNPUjMq4aC5lptXYVm26ZbbocFwMb7rAH%2F9GV8Be1Iovc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f556f6a-CDG

GET
H2 200 show-to-new-visitors.css
bluestarfam.org/wp-content/plugins/bsf-custom-functions/public/partials/show-to-new-visitors/ 189 B
474 B 478ms
474ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bsf-custom-functions/public/partials/show-to-new-visitors/show-to-new-visitors.css?ver=1.0.0.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

603c8f6f8eb1e51288aaa8df46697972e22d428f569b94b98c31777a03fb7919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Nov 2021 21:39:54 GMT
server: cloudflare
etag: W/"61a69a2a-bd"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5IR2T6TUJOeVjsOAEStLvYLjiQDMGoD2QYLwI2C%2FMrk78oLpFHRbDHJQd6wUdHeHm%2B2KJq5MxFClxDqy9YO%2B5%2BKmnf9JCuNYDuuoZzxm%2Bj%2FL8QQ7H%2BIQ6gangSST9ZP72abPOlfO1NZZ6mSEAY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
cf-ray: 842f02f09f566f6a-CDG

GET
H2 200 bootstrap-4.min.css
bluestarfam.org/wp-content/themes/bb-theme/css/ 158 KB
25 KB 579ms
576ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=1.7.14.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5af5133459a08aaab60f1340c731b242ee78b77d9143f76c47101c04dc900d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 08 Sep 2023 06:33:17 GMT
server: cloudflare
etag: W/"64fac02d-278b4"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvJcJgsMv1Pi%2FqEae%2B2PCHPVxy%2Bq143gzRvqJWz7ufKW1niduhYd2po0CMZAupRkNMgYyLX%2FprikOlKtEFB3fAkdwvI0Ou%2BSXyGBKSUMRLZ9GIZ%2Fj7%2F1PFu%2Brhz6zco%2BSv%2FEGQLoMmRU9IvwKLI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f576f6a-CDG

GET
H2 200 skin-6584a9c8c5d89.css
bluestarfam.org/wp-content/uploads/bb-theme/ 69 KB
11 KB 481ms
478ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/uploads/bb-theme/skin-6584a9c8c5d89.css?ver=1.7.14.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73b665b2c762862e4ef482b93360911123aa9f7915cd4d4047c1a8bec173a8f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 21:10:32 GMT
server: cloudflare
etag: W/"6584a9c8-11382"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rzw0XVEwJfrXItDokGJznWtGWhIHrdn9Z%2F8Yvgv5x6LsFHwtbwa%2FveDduFcPV7pRYXQelHITlY2lg7vqCExC3rhF7%2FGR4ScKhGwNUZLsr5bCI%2Bpx3h1f7pj8xH6MO7Eu2%2BeSLipNUNavQISg8BE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f586f6a-CDG

GET
H2 200 style.css
bluestarfam.org/wp-content/themes/blue-star-families/ 291 B
691 B 474ms
470ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/themes/blue-star-families/style.css?ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2310dbb01451322b06f99c576bc3792cb0a840cd106cc8132d57177a6715fde4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 26 Oct 2021 20:42:15 GMT
server: cloudflare
etag: W/"61786827-123"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJMJd5h7%2Bz4FXWqZNNjJSTt%2Fti%2FMLkxHDY%2FPt4KnYzmT3OS8jxj77%2FD%2Be8zlq30ke1FBlnrrf1l3RNKCJ17wStC93FOJrPFI5F%2BvkYYjkL%2FwSXcyk3L1hqUAFGgMXwSHjLzMODepLzjg5f0%2F39Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f596f6a-CDG

GET
H2 200 animate.min.css
bluestarfam.org/wp-content/plugins/bbpowerpack/assets/css/ 52 KB
4 KB 469ms
466ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bbpowerpack/assets/css/animate.min.css?ver=3.5.1.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Dec 2023 07:33:46 GMT
server: cloudflare
etag: W/"658d24da-ce35"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AShVqYW0%2Fp5Bl4Hb8Ut3y5vKDR8M%2FrrE9QrbFq2MveuyLEgUN%2F3FxXzgHPZEh1cfwei3bOTkMozPyJDzi4f11onK2Ck3mnL01jExYQmYSGWsWf1wJAbEWxRm0Ltwe9%2BHeE2Z4mAD6PPS9gD3AIM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f5c6f6a-CDG

GET
H2 200 css
fonts.googleapis.com/ 21 KB
2 KB 173ms
62ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%7CPlayfair+Display%3A700i%2C600italic%7CLato%3A700%2C400%2C300&ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9372086e8ee3f75f9f1bf7d90e1e0fbe3b47fa4ea80e52cb079a651db31919c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 19:15:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 19:15:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 19:15:53 GMT

GET
H2 200 soundmanager2-nodebug-jsmin.js Show response
bluestarfam.org/wp-content/plugins/compact-wp-audio-player/js/ 36 KB
13 KB 486ms
482ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/compact-wp-audio-player/js/soundmanager2-nodebug-jsmin.js?ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

534ecb7e84cbd36918c179af2d074fa62a121f425e605c4a4eb9a8ffd898b12a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 Apr 2023 02:33:19 GMT
server: cloudflare
etag: W/"64488d6f-8e7a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zihiBBgwBJOs8OtrnomROUVK0WmkDkoIwhMn18ceZew6ET%2BGbmq7VNR8M3yrCRf8GYNL88QtU5XRcMCgHAZCJj4xeWEVsRKcfaCBFa3WP4V%2FeiSovSmo5MDpsfv9QEupKHT5U6U%2FwaMATdKZyQY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f5e6f6a-CDG

GET
H2 200 jquery.min.js Show response
bluestarfam.org/wp-includes/js/jquery/ 86 KB
31 KB 581ms
578ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 07:33:59 GMT
server: cloudflare
etag: W/"654b39e7-15601"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Wk8qQz8kqxLK97ip8td8hWrWWSZAlGdA003azGoMLrAfNDDDIYKrpsekf5FpVlviHW0cCF2v%2FKgAPfCDAXr0lttgY6vHi%2BqoX2uoYcVn6FSeaThW9tFG5tLVX%2F55s%2BfAKIJvKqmZkL64zb8m2I%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f5f6f6a-CDG

GET
H2 200 jquery-migrate.min.js Show response
bluestarfam.org/wp-includes/js/jquery/ 13 KB
5 KB 796ms
794ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Aug 2023 06:33:46 GMT
server: cloudflare
etag: W/"64d3334a-3509"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzgipN6fiZ9NP31Kz12HgSmEBMSlebkhNp8YG0grsKTSDlRK%2BUuAicm3Vix5zzWzM58djiNr0BZA%2BZgPCBX71giDqopMgBi83KG2q2%2FVD9ULTAA20Rp2iwvb3DJ%2BzO8QuKjSXVhurE9u6ReWDrI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f616f6a-CDG

GET
H2 200 jquery.cookie.min.js Show response
bluestarfam.org/wp-content/plugins/bbpowerpack/assets/js/ 1 KB
1 KB 472ms
470ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bbpowerpack/assets/js/jquery.cookie.min.js?ver=1.4.1.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a9bd3c697279bf78c0ffadde4e5cb673182cf45fc24a6abd71e3575a04a5f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Dec 2023 07:33:46 GMT
server: cloudflare
etag: W/"658d24da-586"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoSMqxVyqoNCQMD7prsqBSo32vVoaHDrdyESoXK1hMgKD%2BftF3rB2ECCeFSFPh5eAF0ss4%2FqYUd%2BiNRYlP8Amf4Ob6M4R32DnE5X%2BQLLR%2B8h4gKhLWZL5WmQD2v5xbOodZ3P65Kj91jZ2asLO00%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f626f6a-CDG

GET
H2 200 better-gf-styling-public.js Show response
bluestarfam.org/wp-content/plugins/better-gf-styling/public/js/ 838 B
810 B 464ms
462ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/better-gf-styling/public/js/better-gf-styling-public.js?ver=1.0.0.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Oct 2018 13:35:27 GMT
server: cloudflare
etag: W/"5bb6171f-346"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6RsDnJOIclNxey9pEp50J9hPRHyo%2BpCVukK0z7X6btODLY0UrFj87SctSyQYza48JaictT7YJOrphyP9Tpq%2B2rI1wZnS5QL6%2Fr4D4jiQD5Dl7bT0avREFD8ao0YjhpdW9UqDq4sxtqNvpnr2bM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f646f6a-CDG

GET
H2 200 sfwp-connect-public.js Show response
bluestarfam.org/wp-content/plugins/sfwp-connect/public/js/ 838 B
771 B 466ms
464ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/sfwp-connect/public/js/sfwp-connect-public.js?ver=1.0.4.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 02:33:24 GMT
server: cloudflare
etag: W/"631e9a74-346"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvWm6na1P1zZMnZQ%2FNvA1pSeAa4iSdJoIHEQFkVjghH3%2FI72OrhdBtl2sGyDCCpv8yXM%2FwH4530BuNSvR2zmxnmBhL12kjLi4%2FWn83cWQzuZYy%2Bkuggp4uJYiGHRsou%2BV8fcthtc9LWvru7SwOs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f656f6a-CDG

GET
H2 200 wpgmza_data.js Show response
bluestarfam.org/wp-content/plugins/wp-google-maps/ 426 B
601 B 784ms
782ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/wp-google-maps/wpgmza_data.js?ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92885f5b3f6b31cc4301f5c96d1d84fc62de274a6907bf44f22e986b1610e38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Dec 2023 07:33:42 GMT
server: cloudflare
etag: W/"65795e56-1aa"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yj3zkeO5qov%2F8Mb7xnVGjLym%2FVW2jYS77YrwWhgjmHUROoHhE%2B9zIH9h91z65NdNzw51d6PwOOVsSjnxna6pbmKaNYHVXTwa0jH9shFbwJYoRLlQPwAhUlYEFhVt%2Fjy8sPOuMiKqq4%2F%2FcBICIAQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f666f6a-CDG

GET
H2 200 bsf-custom-functions-public.js Show response
bluestarfam.org/wp-content/plugins/bsf-custom-functions/public/js/ 4 KB
2 KB 785ms
783ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bsf-custom-functions/public/js/bsf-custom-functions-public.js?ver=1.0.0.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47a9c67bdaedd2f2a4bfeb17707a7e93c3681fc2bbc955ebf0b1b4db22163cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 22:21:12 GMT
server: cloudflare
etag: W/"6557e758-e06"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2rkm%2Bv%2FXkNEvvD7yAgQRzGY6VDC7HLpoS690SDnDeQCWzHwTaA2S95IthrQUjs4GWdmqqRRp5tJs6u8Cgh0h0WoEqEYSAMSfXi3v6u%2BOP3a%2Fj%2BltlJFPU8Jg1T1odtL1L%2FNOQnhR3FNB4UBI9Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f09f676f6a-CDG

GET
BLOB 200
OK abb0b75c-4364-4f2b-b8f3-2aabbec06af1
https://bluestarfam.org/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bluestarfam.org/abb0b75c-4364-4f2b-b8f3-2aabbec06af1
Requested by: Host: bluestarfam.org
URL: https://bluestarfam.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 fyy4ooh.css
use.typekit.net/ 1 KB
811 B 305ms
265ms Stylesheet
text/css 2a02:26f0:3500:16::215:1486
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/fyy4ooh.css

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

b3619d8cd82c030216d1b27ad22d1fb791d2dfc471efbb9cdb25b7818a5c8e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 09 Jan 2024 19:15:53 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 588

GET
H2

200

chat.script.js Show response
www.chatfast.io/
Redirect Chain

https://chatfast.io/chat.script.js
https://www.chatfast.io/chat.script.js

13 KB
4 KB

38ms
10ms

Script
application/javascript

76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/chat.script.js

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d6a78e87c7dabb0d431fda347c0413b8bd44f64b695dbd697793a301901d3648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::xt87k-1704827753128-b547a3672053
age: 1672212
x-matched-path: /chat.script.js
etag: W/"5a9295cdfaeeed77babfd81c1e087d73"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="chat.script.js"

Redirect headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::smt4m-1704827753089-b7c648f00446
content-type: text/plain
location: https://www.chatfast.io/chat.script.js
cache-control: public, max-age=0, must-revalidate
refresh: 0;url=https://www.chatfast.io/chat.script.js

GET
H2 200 css
fonts.googleapis.com/ 15 KB
2 KB 198ms
110ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A700%2C400%2C300%7CPlayfair+Display%3A700i%7COpen+Sans%3A300%2C400&ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff36b802312052c556484d200f49d9a8e6e27dca60e8944c238f9aabd7d48a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 19:15:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 19:15:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 19:15:53 GMT

GET
H2 200 Military-Family-no-text.jpg
bluestarfam.org/wp-content/uploads/2021/10/ 57 KB
58 KB 29ms
28ms Image
image/jpeg 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2021/10/Military-Family-no-text.jpg

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af46a2c0b29a77c87727f1dcf8534fd497865fe781f8e39b376a722342a82540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1064635
alt-svc: h3=":443"; ma=86400
content-length: 58672
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 31 Aug 2023 20:34:44 GMT
server: cloudflare
etag: "64f0f964-e530"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lp5HeC6nX81jmEiVZ2iqg7pAp6MonI7aXVBAKkEEyZPRza5aqNYn35ADcfkKOxsNADGmAsnP3HeRH208iFptIZdnAj%2F5RsCkzLi1y0Tra4SnlQPzsRKBIAMZFBvjXYyFSCNFTStF6tHYJjqo%2FO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f0af6c6f6a-CDG

GET
H2 200 460250-layout-partial.css
bluestarfam.org/wp-content/uploads/bb-plugin/cache/ 3 KB
1 KB 446ms
445ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/uploads/bb-plugin/cache/460250-layout-partial.css?ver=492e92c302af457d68f4fd74c2f5c9fc.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46a4599168205b5be314b18585d1953059f428974a6113a8032ea42842f0219c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Jan 2024 18:57:15 GMT
server: cloudflare
etag: W/"659d970b-dc5"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCwaokbg8f9blxvLeDfR912EdrZcacHGia25NWTMih3iHyANqUIzA98vPzpvg2Lc13rIg7b52KkhQi%2F8I7vIgXtDTAnWyMFf93csxd3DvKCAdjOytLmpWtsMSdjCwm75BxxtnRUZc0Tsu32P3qI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f0af6d6f6a-CDG

GET
H2 200 460268-layout-partial.css
bluestarfam.org/wp-content/uploads/bb-plugin/cache/ 3 KB
996 B 448ms
448ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/uploads/bb-plugin/cache/460268-layout-partial.css?ver=49e3159d13da53eb0b9646a83db1997a.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b17de2135b9ff378fa39d6d53f6fb96c8eb24ad46d524300cc30509fe02714e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Jan 2024 18:57:15 GMT
server: cloudflare
etag: W/"659d970b-dc5"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdH6qWWkMP2JQml7IBRZx2rlmsjrJZM29WZ2dOZ8MzUXTc2TdPZ0j43f1m271zVQfPb9VGv4LGOLy2nZHxDNr%2B%2BZBJaxLECQ4adRpezH1pOokrCmcn9TwaYModYUpUKFeGMm%2FeyKZStIHeaNM1s%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f0af706f6a-CDG

GET
H3 200 460263-layout-partial.css
bluestarfam.org/wp-content/uploads/bb-plugin/cache/ 3 KB
1 KB 760ms
760ms Stylesheet
text/css 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/uploads/bb-plugin/cache/460263-layout-partial.css?ver=bf84219c1ac584b044df1d9e84d8a85e.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d21271c6ef8488ec06eed2693a8d03c87f9cd6f1ca198f2d77949676ee7e888c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Jan 2024 18:57:15 GMT
server: cloudflare
etag: W/"659d970b-dc5"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ON7b3La89BYLSCcX8dL6L7jAshJP0bahqXxkpocuHp4SwiCxdfcvyfSRImX%2BVPTrpNa11sp%2B88jRybB8%2B0l4bB7jsPCJ9cg%2FxpwvrrVnAM8q4i5aSqcyZHBPBRYLz4nNKLElt%2FIakBfJ9oShJXM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f3686cf0db-CDG

GET
H2 200 8867418
widgets.guidestar.org/TransparencySeal/ 13 KB
5 KB 459ms
410ms Image
image/svg+xml 172.67.23.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.guidestar.org/TransparencySeal/8867418
Requested by: Host: bluestarfam.org
URL: https://bluestarfam.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 19:15:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 842f02f3b8df196d-FRA
expires: -1

GET
H3 200 jquery.waypoints.min.js Show response
bluestarfam.org/wp-content/plugins/bb-plugin/js/ 9 KB
3 KB 448ms
447ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bb-plugin/js/jquery.waypoints.min.js?ver=2.7.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 07:33:28 GMT
server: cloudflare
etag: W/"6583ea48-2281"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OoD9xeNfv3ROA6XydR8WS%2FPm2Vd7WK1OvilAHpzy6Ou6cVkbQ8QNUl47xYh3qq%2BXutdnnRv6ManKXsL%2B2qktD4wGvSbxlZ9rZ948zRa1qOiPIhF9Xw3womKauZglWCPM2LjGZLNHeC8K%2B5khX8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6a891f0db-CDG

GET
H3 200 jquery.magnificpopup.min.js Show response
bluestarfam.org/wp-content/plugins/bb-plugin/js/ 20 KB
8 KB 447ms
443ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.7.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41be528bffc12cc0c4ff46c1227e0f2165752c63787b7735276053c741082563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 07:33:28 GMT
server: cloudflare
etag: W/"6583ea48-4e12"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWaWoEIxEVrEn%2FhLE3ZyutsAMMgKlSQSizR%2Fl3CwrUbjn7VxropHawSdcmQ%2FTpZtH3Kf%2B9sAgwuDA0oWbWCGt7de6loN1iY3B3dACIQSLOb8ITuzaz5JpV76I0OYtfYQ%2FT7C8zq4UszP9r6gZIw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b89ff0db-CDG

GET
H3 200 jquery.imagesloaded.min.js Show response
bluestarfam.org/wp-content/plugins/bb-plugin/js/ 5 KB
2 KB 449ms
445ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bb-plugin/js/jquery.imagesloaded.min.js?ver=2.7.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc6141baf0bde0e41c12e9311f5a97c158a7cb99f923afeb67d13abeaacb652b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 07:33:28 GMT
server: cloudflare
etag: W/"6583ea48-15db"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4u1PQmuC8IvjVTjdGJGb3Svp2%2FUIsy6%2FfY1c%2F7i2bDkiayePEJvhP092%2Bk09Luv6PBN5XzBh3xi7PJSPqDNWjD6ADptV%2BECIglc4uNZSjeiwPzoGr678Mxu%2F%2F1UT4vyltTDPMl1A5cp53ceJpYA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8a4f0db-CDG

GET
H3 200 owl.carousel.min.js Show response
bluestarfam.org/wp-content/plugins/bbpowerpack/assets/js/ 43 KB
12 KB 460ms
456ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bbpowerpack/assets/js/owl.carousel.min.js?ver=2.34.6.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd2b25c0b557759fdf017179965ea5c04d09ae95cd531dd5e4c1d94739001d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Dec 2023 07:33:46 GMT
server: cloudflare
etag: W/"658d24da-ad25"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LVmAlTO%2Ff8qZ3%2Fi4mTemARMtRiUbFmWje113yqWIbKSgmXKVzBOdsxqGIAumQLGZah3eDlb%2BqOe%2B2d2cPu9u6FpNplR0dLut3ZaAjFy0VMTqTeBU72WhSfEV%2FxS7GDZJ%2FfUh3RpSnmE3P0arUA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8a7f0db-CDG

GET
H3 200 swiper.jquery.min.js Show response
bluestarfam.org/wp-content/plugins/bbpowerpack/assets/js/ 123 KB
33 KB 568ms
565ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bbpowerpack/assets/js/swiper.jquery.min.js?ver=4.4.6.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Dec 2023 07:33:46 GMT
server: cloudflare
etag: W/"658d24da-1ea8a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ytO8aybAI983Ou7lBHCT9xfatN8zQsiw4dZGMrU3IU4C1AzvRAA3yoHnbzXrQqMYUU5nSDYuNTLJ71utQlUSw5FIMgNiuplOKGUmtrzCmAksaHtl6H1Bm4CLre6SxIgp8ym0vhKdAoIDZ2uEIM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8abf0db-CDG

GET
H3 200 460481-layout.js Show response
bluestarfam.org/wp-content/uploads/bb-plugin/cache/ 66 KB
17 KB 680ms
677ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/uploads/bb-plugin/cache/460481-layout.js?ver=f803a349557e95232ec68d6ca5ec29b8.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5b308f2ac06702753313c7ec5818fa5a5363b1cadb4ab60e644e7f66cc98f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Jan 2024 18:57:15 GMT
server: cloudflare
etag: W/"659d970b-10648"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5d956iNzsrT2gsGXCECs5pzAfYugWVvPN%2Fm82C1XcJI7GsCMmFzsTyYsDab8pPJK9B1SpecR1WJQLO1vNT5niBMf78ZgOzLoziQDdpyPjq%2Fsi7HT7BUBk4fExDVaEFuA8SLxEnOy5t6W6M9kE0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8adf0db-CDG

GET
H3 200 jquery.fitvids.js Show response
bluestarfam.org/wp-content/plugins/fitvids-for-wordpress/ 4 KB
2 KB 457ms
454ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/fitvids-for-wordpress/jquery.fitvids.js?ver=1.1.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86a3beb137a396f9d6b8fea0c776ca3d1eb16bf6319182d1ff1b57a0ea6d5779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 27 Oct 2022 02:33:36 GMT
server: cloudflare
etag: W/"6359ee00-f06"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0aqCCbwUtooARlCT86OuCHX9Hp5NeuiH0Nyb%2BwIRFHA7Rvp5DFMAH%2BXicSnTDB4Y92xkeZTDjUAfQv64Q7tmNlgbfzoOoIRBvAc3GOi8gmaZ%2BPm4gok3neZL3KFn3LSWz0Q9JpEkvLDDwaAzQk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8aef0db-CDG

GET
H3 200 core.min.js Show response
bluestarfam.org/wp-includes/js/jquery/ui/ 21 KB
8 KB 460ms
457ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 02:34:13 GMT
server: cloudflare
etag: W/"6424f525-53be"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvTdPOF5zFeNReXSEWUlkHnNaTakbuYR0ZAdeOV5asRvH%2FWWcYfoA%2F1gCSev5h4bI04NDufEeY7IV4Qx3vnZmpowXzAs11P9e6PcU6PAI4Mx3%2BO3d647sSsM0D%2F4NasdIipfDVr%2Fmc0TNg3%2B7gI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8aff0db-CDG

GET
H3 200 menu.min.js Show response
bluestarfam.org/wp-includes/js/jquery/ui/ 10 KB
4 KB 474ms
471ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc50c28f1db50dbce579d4738a0e55001a5f954df3307ca5d502f42202d1d05c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 02:34:13 GMT
server: cloudflare
etag: W/"6424f525-2782"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHlHp55b0bp4TpMdklIcwtrOVOehpie5LJSSvVReX%2FRXKiWfAhHKJjXLXjWE0BbxiAC9tTNEAMfQHM7fskPjJ9PK1YE%2FhwDeheR8OaZ4ACF9wXM97VPZbIEMMNw1PzHK7rIeaIPn%2Bl%2FlGl%2BrJI0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8b2f0db-CDG

GET
H3 200 wp-polyfill-inert.min.js Show response
bluestarfam.org/wp-includes/js/dist/vendor/ 8 KB
3 KB 449ms
446ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 02:34:13 GMT
server: cloudflare
etag: W/"6424f525-1feb"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cln85EOPwOSi1RZqVaDe9lTFoiZJhtPUEhAyTLuVX8mJG%2FBbJSL11cAcQOdQf6s4T3zpAHI4b9iG%2BfjgGecuBl4dP7HcRtUm27Gj0S2cQL88xuHrdeKRnGkUl5ZD4sxSPZkqc7I0MtMZQ2eXi8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8b5f0db-CDG

GET
H3 200 regenerator-runtime.min.js Show response
bluestarfam.org/wp-includes/js/dist/vendor/ 6 KB
3 KB 454ms
451ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 07:33:59 GMT
server: cloudflare
etag: W/"654b39e7-19e1"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2hpjz5Suz%2FFdQkwJ25U5WlqRhfXJWGxfSGRBWR1%2FOw5fwem6cuX0oLjeYA6Kr2nmpHkrwqOR83PK%2FrXOGF%2FG9xzzpwtvL%2B0A38poUcLFsfLmdINiz6pJzLvFz6ssTGxv5PgLTS3MpmKRdxgEGQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8b7f0db-CDG

GET
H3 200 wp-polyfill.min.js Show response
bluestarfam.org/wp-includes/js/dist/vendor/ 112 KB
36 KB 563ms
560ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Nov 2023 07:33:59 GMT
server: cloudflare
etag: W/"654b39e7-1c1b7"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSuJGB0cfdryvUnflIXUPQfgf0pQWfZWmwSXEjpY2Pf%2Bphju%2BAw49DrMjtXoePqqUSs%2BLU09VeCEOP%2BUIqm7YF7CYrxLzTURRqSRvI2lMU9aP6kQ3ETPeO5oot%2F1hIOh1RNunGb0%2BO7TXxbNtyM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8b8f0db-CDG

GET
H3 200 dom-ready.min.js Show response
bluestarfam.org/wp-includes/js/dist/ 498 B
911 B 450ms
447ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 May 2022 21:00:43 GMT
server: cloudflare
etag: W/"628e98fb-1f2"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=un438M5FTuRVghHQKE4fSA0wU6kSEefJn23tnc8M%2FEAlnA%2BkRrpw5wmi7P0TC4UqX7t3rAEOHwcaPv3soGoXRowfpqr%2BKYca%2FbcL0tOOZfKFd0Y7Z8L6x8qyCe6B%2FxsBWNmEwt44oen7k4vDQXA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8b9f0db-CDG

GET
H3 200 hooks.min.js Show response
bluestarfam.org/wp-includes/js/dist/ 5 KB
2 KB 1499ms
1496ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Aug 2023 06:33:46 GMT
server: cloudflare
etag: W/"64d3334a-1213"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fF0HHHJN7kqc9AeiUaOe4VtPTbpIVLsBXozBQr8e9%2FzYDlKyzexnWMQOpYEpQ%2BrBNc9VJu5TKcHPLCTYoLlNcWWtOUzzf2utgTt7xpFffoJH3DAzuInU82%2BPbaYmjsEqCNT297nmJk7VVUZ4c0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8baf0db-CDG

GET
H3 200 i18n.min.js Show response
bluestarfam.org/wp-includes/js/dist/ 9 KB
4 KB 468ms
465ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Aug 2023 06:33:46 GMT
server: cloudflare
etag: W/"64d3334a-24e5"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFNmA5bUdfpSquB5z8JqAbij1gbVYmo2ejqS9spmSfnlTKzGVS%2Bqc5ZBGbYHZhLxRRTol8rnYvm8%2Bs4DBmZrHSIq6bZf3raErb9YbYycHEZZmgN7VdUdIn1dg1smQLBLbv76bBbRA7i7Np%2B%2B1Ws%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8bcf0db-CDG

GET
H3 200 a11y.min.js Show response
bluestarfam.org/wp-includes/js/dist/ 2 KB
1 KB 457ms
455ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/js/dist/a11y.min.js?ver=7032343a947cfccf5608.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d35faa1c0b45cc142295ae07a0c6e6e7824e0e64b58b81a83e7850251586e0df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Aug 2023 06:33:46 GMT
server: cloudflare
etag: W/"64d3334a-990"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Po5qSEu15zZCs%2FFetq9I0Fdn%2F5q2U54SXJ23HYu5fFZGVvPHO%2BcPfDHyXN2wCXm3WH7bC8udKN%2B1zXXKrmFtZdDU%2BY24C3ch2%2BUNcB00KfbUtQw5b8oFacGwxMdwL2xqQ25BTj%2B5qUMKgqvffFg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8bdf0db-CDG

GET
H3 200 autocomplete.min.js Show response
bluestarfam.org/wp-includes/js/jquery/ui/ 8 KB
3 KB 464ms
461ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e4307ac8b8c4d489c755729b6b1914a876f8693590e802b43ee4ac91b9aa354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 02:34:13 GMT
server: cloudflare
etag: W/"6424f525-2112"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0W%2B%2BNp5VgOiLwIZRNZslXTzrjhi512zoAgAA8rlrW4ZmLHImvGLdUDUnhZ%2BToBkM2%2F7HapsLutlPzErjn991vdzXh%2FHTDTfICTHCzDI86w8B8ScXFD5ngSglVsmbr8kNcterDCMsbwcmLDVRJAI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8bef0db-CDG

GET
H3 200 search-autocomplete.min.js Show response
bluestarfam.org/wp-content/plugins/search-autocomplete/js/ 958 B
1 KB 463ms
460ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/search-autocomplete/js/search-autocomplete.min.js?ver=1.0.0.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d873e5e6bce997cc6b5624185a6fe77b8ec6736ccb0058c4d5a50fc7b9344ecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2017 02:15:03 GMT
server: cloudflare
etag: W/"59b9e627-3be"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQJhZrEDtYXVM526yvEAypm%2BWphH0J1cEffSoXJ9xrSgo8yoSsOQw0EWPFirvF9aM230Ps%2ByWy1kfcuwFpkdppy%2FmPtPnTPsq9Dpb9j0%2Bc%2FipiBQ7ClisWCmMmkwgjnFDDEeZ1jD4pRHHbqdQgk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8c0f0db-CDG

GET
H3 200 jquery.ba-throttle-debounce.min.js Show response
bluestarfam.org/wp-content/plugins/bb-plugin/js/ 731 B
1 KB 460ms
458ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.7.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 07:33:28 GMT
server: cloudflare
etag: W/"6583ea48-2db"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5xIwYLiW38DebfkqzxRBro6BNIxFBGmsNu3hbu6GLOkxJo4evRjZscWta%2FPMJttYsJG%2FGyfYniprwk3vIv5s80EXiDYQUCUbeBOrUogsH14i%2Bs7nRBD5txGfBR9td6PXbWhXXP%2FrVSIem7YUVg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8c2f0db-CDG

GET
H3 200 bc659e89deb96b7fd0644fdd0b72b417-layout-bundle.js Show response
bluestarfam.org/wp-content/uploads/bb-plugin/cache/ 22 KB
6 KB 469ms
466ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/uploads/bb-plugin/cache/bc659e89deb96b7fd0644fdd0b72b417-layout-bundle.js?ver=2.7.4.2-1.4.9.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e0769cbbff1b7496c31bb5c4fdae005d8f00f41fd0eca236989254e1db702bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Jan 2024 18:55:45 GMT
server: cloudflare
etag: W/"659d96b1-5680"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Wh3VtLUxrSnY7WcnDucQbgLBxm5hW6bzDsz1X1lx0tQUl4HJx7mr37aHYeN%2BbZNy0jjTIpyIFAE5Xg9WXQVJQxjWa3o%2FKHc3nuT%2B998x%2BurB4ABIFgJtOK2qtmz5HS531glwXdPBw1NsUvU9mE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8c4f0db-CDG

GET
H3 200 blue-star-families-2017.js Show response
bluestarfam.org/wp-content/themes/blue-star-families/js/ 813 B
1 KB 451ms
449ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/themes/blue-star-families/js/blue-star-families-2017.js?ver=1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6617c247627e109a4a73871a3894d9f14dda01a61774d96c4abd2cf979e755b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Aug 2020 18:13:16 GMT
server: cloudflare
etag: W/"5f34313c-32d"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoE4UuJAnH5wgygZHEpXVkNTBB9%2ByMRWcgxsFWBpfGgJtXpQ%2BiEGAPTvt%2FrMnZTWh8OORPFuPcNvl%2BpjHlBPtNpNpowwd9zT%2FypKsIfdYoo0sZgirtM4O%2BK3INYe7S8ErlrJvv8hKh%2Brk8Nf9J4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8c5f0db-CDG

GET
H3 200 new-tab.js Show response
bluestarfam.org/wp-content/plugins/page-links-to/dist/ 24 KB
9 KB 466ms
464ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 May 2023 14:47:40 GMT
server: cloudflare
etag: W/"646f750c-609e"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjxMZOOZCd67tnbF0FsljiPCHVHEK%2BTo88ghKEmxFVTu9F296nY9gVDM%2FmI%2Fb9zxNEOOgXj0xF8YZq5lp84nYUhNjK5nL%2B7nSPcEgfqZgD6hnlV53TREke9EMBwZbPl46kmEa7gmBTwTaGPdFlk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8c7f0db-CDG

GET
H3 200 show-to-new-visitors.js Show response
bluestarfam.org/wp-content/plugins/bsf-custom-functions/public/partials/show-to-new-visitors/ 2 KB
1 KB 452ms
450ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/bsf-custom-functions/public/partials/show-to-new-visitors/show-to-new-visitors.js?ver=1.0.0.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e967dc9b84ce05841a1be1b7510207621139400bfccdc3e34f1cc6a4e71609cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 22 Feb 2022 13:00:19 GMT
server: cloudflare
etag: W/"6214de63-6f0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yBjMDuHvu9JCmERhb09kmrLUciTzfc4OnvsGycVCIZZ8NAD7fbxo1OQa3TNUXWy%2BOq1%2FN6EYXHkh%2BhjTUJKozidjT8NrU1UEhqWeZ4jyvahRuxj52GnpbQmRj4eHQKYXkLjpg0zqfLl0CKs8IY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8c9f0db-CDG

GET
H3 200 hoverIntent.min.js Show response
bluestarfam.org/wp-includes/js/ 1 KB
1 KB 473ms
471ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 May 2022 21:00:43 GMT
server: cloudflare
etag: W/"628e98fb-5db"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9HvNQjOhSw1KDhWzGkazWsauf2jI5NyEV6FQr6ec2PQUkR1YIXfedorGIzaiVWhypMQ3xRoznF2WQeHS4bq24CVFYhLm6jGNQNqupOpYlJduExBWpTfncK1A4G%2FfyxtBTvgQdiwoYC3d56QM3c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8ccf0db-CDG

GET
H3 200 maxmegamenu.js Show response
bluestarfam.org/wp-content/plugins/megamenu/js/ 33 KB
6 KB 454ms
452ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.3.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e3f6d684bc0bfb692c53c3cb8ee62abfad2879fe3c0efd72de864d21e914187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 18 Dec 2023 22:19:48 GMT
server: cloudflare
etag: W/"6580c584-828b"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XOjWAH03LG7aF5NwN5b7e2IB8YDGR0BASYJhrGBD8vr4yoiVyFkZ9%2FURUeufGFDC7oDCdlWrJvVBuy7%2BpZ23uQIfTDXeeW47W%2BGwzLQRudS69Kzt3cbcr6gPYzD2hV99oNKMTRW1XqRje2lCGk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8cdf0db-CDG

GET
H3 200 bootstrap-4.min.js Show response
bluestarfam.org/wp-content/themes/bb-theme/js/ 61 KB
16 KB 563ms
561ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/themes/bb-theme/js/bootstrap-4.min.js?ver=1.7.14.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5d1ee4046ceeb81d3e43309d053b423b87018e60c4cf0dd8ee7c5d3e9e90465

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 08 Sep 2023 06:33:17 GMT
server: cloudflare
etag: W/"64fac02d-f3bf"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ew31stBL9z3OB8VrETEYLvfO3YfGcq2Rc752zlM7Cz8%2BFxBfrsjoGQuY8ZAHlcL426eeTyBEXB3r6Tc6FzTiGGOiwzfFHZnHvUmJx92EQJhEjSiIwZHcQsb1uanwneoIjRWFQHLlL3X0YmXL9aQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8cff0db-CDG

GET
H3 200 theme.min.js Show response
bluestarfam.org/wp-content/themes/bb-theme/js/ 22 KB
6 KB 464ms
462ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.14.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ee5a876f4eca8fafd9d5903458c7526a6cc40e020e12d0421b4d8c227a98f51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 08 Sep 2023 06:33:17 GMT
server: cloudflare
etag: W/"64fac02d-59a5"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFf2%2Bh5iNA%2FXlMfws35d1l8SgppYVAZV%2FTwGvxC%2BNukLX12%2BR2dHHX2HYuWSVxI65RPxwYy5YcvbsYdKfZSjBj9UpPdU9g5eDSqufvH3XwBKZnNC0sXxzt77qPHSH4uvhR10LELWXxeqbPm8oAE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8d1f0db-CDG

GET
H3 200 460250-layout-partial.js Show response
bluestarfam.org/wp-content/uploads/bb-plugin/cache/ 314 B
810 B 469ms
467ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/uploads/bb-plugin/cache/460250-layout-partial.js?ver=492e92c302af457d68f4fd74c2f5c9fc.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6114e721efaeda9f1623725abc7953ece1f472499ee28271426a933d6490493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Jan 2024 18:57:15 GMT
server: cloudflare
etag: W/"659d970b-13a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6TFZeASw%2FQJannlb%2FsjHMkCGIEqtYZjP%2FukX4MS%2F45CNS25Jszq%2BX%2FGKX8JeL8TDCorpNR%2BnyJ6EpAZx41tOe%2Fm5zk5WUy6TZG2DSrIA0%2FQX8pvI%2B82%2FdZLbmW4jbXAKhUPUvQigr2FHB8IHz4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8d2f0db-CDG

GET
H3 200 460268-layout-partial.js Show response
bluestarfam.org/wp-content/uploads/bb-plugin/cache/ 314 B
799 B 450ms
448ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/uploads/bb-plugin/cache/460268-layout-partial.js?ver=49e3159d13da53eb0b9646a83db1997a.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

026dbd44a07da53babe9cd35ef4a4e95b0e687c0e2075f6141b22634ee5f29ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Jan 2024 18:57:15 GMT
server: cloudflare
etag: W/"659d970b-13a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VcugfkELdWRjl1LhSCFN1D7gM34NVjChlMT0MJG2RmIR%2B%2BsWWWIVsCvAvhqkKJLceEKVO2Ps5DWb2WOyD%2FkoGjsxvQWNm5fBIoEbDBcXLgNKLtQ5ct75L06PbKp%2B5G46Ql71enbZJRx90vTL0o%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8d6f0db-CDG

GET
H3 200 460263-layout-partial.js Show response
bluestarfam.org/wp-content/uploads/bb-plugin/cache/ 314 B
798 B 470ms
468ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-content/uploads/bb-plugin/cache/460263-layout-partial.js?ver=bf84219c1ac584b044df1d9e84d8a85e.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9079c5c6b56e4e2ddd93a812ab5cf6233d9a9a3f9c4570fc51845d19fa9acf59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Jan 2024 18:57:15 GMT
server: cloudflare
etag: W/"659d970b-13a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6ehHO0oK8uJ7W9ZCc4X8LOtuwr1xbKEkGcemD4%2Fa%2FrTgEFAQapMr7R6TiK7FOS3hmMYYNmqLh7Mxxic7GACH0FXLKda5AyAGAor6dSJBBx54hOoFqZ5m%2BrYO4ztnN0tQLD1Yi1ApJEfuOvnvRU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f02f6b8d7f0db-CDG

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 262 KB
92 KB 186ms
75ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8DRL4H

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9848f4475e84755175fe8eba010e2f0df1c231d98c6b6a4a56164eb05b84af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93621
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jan 2024 19:15:54 GMT

GET
H2 200 heap-1608587594.js Show response
cdn.heapanalytics.com/js/ 115 KB
37 KB 160ms
124ms Script
application/javascript 18.173.154.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1608587594.js

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-101.muc50.r.cloudfront.net

Software

nginx / Express

Resource Hash

65b7d8a89967cb9c8b9e5f2f805a7f4129dcbcffa72d7e49425fea99bc783bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:03 GMT
content-encoding: br
via: 1.1 18d0e038a55eccdc9f0ad716edf64962.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: MUC50-P3
age: 51
x-powered-by: Express
etag: W/"1cd20-at/sTsQ05ZYrbKWoP2oGYMgrKlM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wLN1BMeczCdMdgOFDGxFdb0qKx8M4p7gsAG-L9WuHwa_DF88b9U2NQ==

GET
H2 200 sp.js Show response
cdn.informz.net/web_trk/ 62 KB
22 KB 86ms
33ms Script
application/javascript 2600:9000:26db:7600:4:397a:df80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.informz.net/web_trk/sp.js

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:7600:4:397a:df80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6db1366dccdd6c074dcda0deb63c6bf6b516043024fd314ec70d83b07542b301

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=86400
content-encoding: gzip
via: 1.1 5951b29f5460c0b6d21eb11bce7b8168.cloudfront.net (CloudFront)
date: Tue, 09 Jan 2024 06:35:54 GMT
last-modified: Thu, 07 Dec 2023 17:37:26 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: MUC50-P3
age: 45600
etag: W/"04ff9a3429da1:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: NfYruPYX5fKdo6PN9te1qTfWmKIfhkquuWsq9Cb4YO_RJrsB81OfKw==

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 43ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=fyy4ooh&ht=tk&f=50050&a=21722859&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fyy4ooh.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H3 200 BSF-Hero-Header_Jan_24.jpg
bluestarfam.org/wp-content/uploads/2024/01/ 397 KB
398 KB 41ms
41ms Image
image/jpeg 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2024/01/BSF-Hero-Header_Jan_24.jpg

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/wp-content/uploads/bb-plugin/cache/460481-layout.css?ver=16feb8825e49811194f180afab7c27f6.1704827336

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4ef081072712e0b5ee7d2e8bdd96e1f848038d23df65dd408664a48375e9858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/wp-content/uploads/bb-plugin/cache/460481-layout.css?ver=16feb8825e49811194f180afab7c27f6.1704827336
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 164377
alt-svc: h3=":443"; ma=86400
content-length: 406538
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Jan 2024 22:23:01 GMT
server: cloudflare
etag: "65948cc5-6340a"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WceGgnzpPXL8ysLh%2BsiFax7Pm%2Bup3prumiPfYkbAMfHfiNzciIGv9TaU8QxH9O%2FDGh%2FYS%2Fx%2BboU0Tf4n4Zmd6%2FMzQ6FmlIs1%2B0%2F48GHR3jdPNMXgR%2FWk5imp4LBg8BLpKrVM%2F9NeMn84rN6U3oo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f729a5f0db-CDG

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 235ms
124ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%7CPlayfair+Display%3A700i%2C600italic%7CLato%3A700%2C400%2C300&ver=6.4.2.1704827336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:01:29 GMT
x-content-type-options: nosniff
age: 479665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 06:01:29 GMT

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.15.4/webfonts/ 134 KB
134 KB 505ms
477ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.7.4.2.1704827336
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d4d29042c23b5fcbed3af690421776de0f8ad3d308d66e24a9d80bcc8ccb522

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.7.4.2.1704827336
Origin: https://bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
cf-cache-status: MISS
x-amz-request-id: KJS3MGS0DGN9X5SE
content-length: 137104
x-amz-id-2: KDAoxNqNtvMjAaXOyNFpfYCObeeis8UFuFsjmRgt3+tiDXkMAbMVc07ntcC1ZXUDKaJ5dNLe85Y=
last-modified: Wed, 04 Aug 2021 20:59:35 GMT
server: cloudflare
etag: "dbf1fc91f1beec2915123257ea4d58ef"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 842f02f748dc9a1b-FRA

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 161ms
51ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%7CPlayfair+Display%3A700i%2C600italic%7CLato%3A700%2C400%2C300&ver=6.4.2.1704827336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 15:36:20 GMT
x-content-type-options: nosniff
age: 99574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 15:36:20 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 211ms
101ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%7CPlayfair+Display%3A700i%2C600italic%7CLato%3A700%2C400%2C300&ver=6.4.2.1704827336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:58:08 GMT
x-content-type-options: nosniff
age: 37066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:58:08 GMT

GET
H2 200 nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_k-UXtHA-Q.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ 23 KB
23 KB 277ms
168ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_k-UXtHA-Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A700%2C400%2C300%7CPlayfair+Display%3A700i%7COpen+Sans%3A300%2C400&ver=6.4.2.1704827336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4bd07bee1ae9aa11e2bb6540f9d587d934ac0e64fe4f263cf0cd033b5ff8733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 01:14:52 GMT
x-content-type-options: nosniff
age: 64862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:47:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 01:14:52 GMT

GET
H2 200 nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ 37 KB
38 KB 293ms
183ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%7CPlayfair+Display%3A700i%2C600italic%7CLato%3A700%2C400%2C300&ver=6.4.2.1704827336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bea2ce3dca226a4838e4af71141ff1812ac03a033c903d994b66c96acac0a19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 12:37:12 GMT
x-content-type-options: nosniff
age: 110322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38288
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:47:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 12:37:12 GMT

GET
H3 200 BSF-Logo-2018-01-2.png
bluestarfam.org/wp-content/uploads/2017/09/ 7 KB
7 KB 102ms
101ms Image
image/png 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2017/09/BSF-Logo-2018-01-2.png

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9a3e2e16ea172c17e3c87a739250d3a9a3fbf7b131bfce5370a4efa45866b69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 820306
alt-svc: h3=":443"; ma=86400
content-length: 6878
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 May 2019 17:17:58 GMT
server: cloudflare
etag: "5ce82746-1ade"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nf%2Fw%2FHnvGzob1SYndJHlSXxYtAAwgQZQ1d8nrYpeD75EzoBoKpk0TEtvSxuTonF2FzDzrhL7Ldq%2FlDSGZF6riFnBwt3Ea3oMQVGlVl9fk8P%2FvQzJm1%2FbFakw%2B%2Bq7B5X75bPlTY914D5QVVfEvKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f749ebf0db-CDG

GET
H3 200 Kathy-Roth-Douquet_071-300x300.jpeg
bluestarfam.org/wp-content/uploads/2022/08/ 29 KB
29 KB 558ms
557ms Image
image/jpeg 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2022/08/Kathy-Roth-Douquet_071-300x300.jpeg

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d2ebd4af7fdb6892244661b474f342d5d9771bf2a304e219e4e927ee01bfc75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 29610
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Aug 2022 18:26:06 GMT
server: cloudflare
etag: "62fd32be-73aa"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yse9tdWbTlBi7WUtaJGr3QLulq1QhidvEYag1qnXvBrdl%2FPyiqEtozJgYsFfji4Hb27ceyKJuKKydZazwMlkUf9RAzskL0WNP4yPGwYJ97lN%2FNskbWZ9Wl85JZDDeEUYdNzuN45FLwCopwEZzpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f749eef0db-CDG

GET
H3 200 Kathy-Signature-lg-300x155.png
bluestarfam.org/wp-content/uploads/2021/01/ 6 KB
7 KB 668ms
667ms Image
image/png 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2021/01/Kathy-Signature-lg-300x155.png

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eac91de82967361f6fdc5be092d7fa8d249d5cf109bfbe4cb944c2867849be3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6472
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 27 Jan 2021 14:19:20 GMT
server: cloudflare
etag: "60117668-1948"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6n0mGCXGIIUqAFc3WzmJ29UngXPzFnjngAQisda%2FdbwC3ORjFklsFQDvxVxjbWNL10vecc2Z61kXjabDOjbpKvkQ3r1kOCFQz7yTu9JU7hoaG0fhq%2BrZ57uWX46jOxCafVjUpMH5QqTYZZMlk4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f749f0f0db-CDG

GET
H3 200 BSF_MasterClass_1200x675.png
bluestarfam.org/wp-content/uploads/2024/01/ 311 KB
312 KB 103ms
101ms Image
image/png 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2024/01/BSF_MasterClass_1200x675.png

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e958465871d0721fea193f5bdc54e46cf63e0870660555e5c53dcca63b6bdcd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 164377
alt-svc: h3=":443"; ma=86400
content-length: 318363
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Jan 2024 16:43:55 GMT
server: cloudflare
etag: "65943d4b-4db9b"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gI2JYwzNgMllADt%2FkDFQAyh1oOazzbI0%2BGcvD7uf21WdBZqk6B2UuiE9wMFeK6iYHOuVSWdIbcbeG5nTSuDGY30dPtMfleB0x6F0CIDLh4XS0PBX0y%2FRVBcfWlyqjjFLZInqYeiyZ484DDWNT8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f749f1f0db-CDG

GET
H3 200 BSF-Feature-Suicide-Prevention-Training.png
bluestarfam.org/wp-content/uploads/2024/01/ 141 KB
142 KB 119ms
118ms Image
image/png 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2024/01/BSF-Feature-Suicide-Prevention-Training.png

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611751965611cb1489f3186e37a3eef0213aace33936c6742b3efdc488539971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 164376
alt-svc: h3=":443"; ma=86400
content-length: 144396
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Jan 2024 16:21:48 GMT
server: cloudflare
etag: "6595899c-2340c"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEYP%2Bi%2Bl3N4sNUtTODdtkNAYQcbFKShZteEJUkN44Ii0nYMcFn6Iz7HmLv9dcERar%2BFCtqZ0wk8d2zH4lUjWqK234fpITpLmKwMPlUknpkZ1OAgZB6zwGxJi2jvCQHcWsx6TPuocsOccDbgN5wM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f749f3f0db-CDG

GET
H3 200 BSF_BSN_Nextdoor_Sep23_1200x675.jpg
bluestarfam.org/wp-content/uploads/2023/09/ 129 KB
129 KB 685ms
684ms Image
image/jpeg 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2023/09/BSF_BSN_Nextdoor_Sep23_1200x675.jpg

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27b44a4aab7949c3eb93328c4b7e94aec9375059cfa26277099ea65b5fc6494c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 131603
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 20:30:13 GMT
server: cloudflare
etag: "65036d55-20213"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKyRFD4TEnHYAZSO%2BG4HxhST7oIr0Dov7NG7kM%2B9nmLSUdZudDDFt6R%2F4TBqK24HZXryLX6RATKeIwM2kerDwrP%2Fz6CxNdDoxY7rgBYYuNabp4%2BnUhPCDzj2GJxjcIxYig2GlrDegeRPaJpp%2BtA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f749f8f0db-CDG

GET
H2 200 / Show response
bsf.informz.net/web_trk/collector/ 12 B
1 KB 334ms
105ms XHR
text/plain 18.209.122.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bsf.informz.net/web_trk/collector/?e=pv&url=https%3A%2F%2Fbluestarfam.org%2F&page=Welcome%20to%20Blue%20Star%20Families&tv=js-2.5.3&tna=infz&aid=757C5148-BC03-47E1-967A-F27E7BBFF9A7&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=0c997ae3-d06d-4256-9a70-f36ab1bd36ab&dtm=1704827754128&vp=1600x1200&ds=1600x1880&vid=1&sid=4234da08-13db-444b-9949-aa6c414666d1&duid=e938b586767b17a6&fp=3842461078

Requested by

Host: cdn.informz.net
URL: https://cdn.informz.net/web_trk/sp.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.209.122.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-209-122-234.compute-1.amazonaws.com

Software

Microsoft-IIS/10.0 /

Resource Hash

a29a3585f15421c271aa8e5598ff19e560acf8c9b659725b93b86124426bd582

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
content-encoding: gzip
strict-transport-security: max-age=86400
server: Microsoft-IIS/10.0
vary: Accept-Encoding
content-type: text/plain; Charset=UTF-8
access-control-allow-origin: *
cache-control: private
content-length: 130

GET
H3 200 BSF-gray-star-bkgrd.jpg
bluestarfam.org/wp-content/uploads/2021/11/ 34 KB
34 KB 26ms
26ms Image
image/jpeg 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2021/11/BSF-gray-star-bkgrd.jpg

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/wp-content/uploads/bb-plugin/cache/460481-layout.css?ver=16feb8825e49811194f180afab7c27f6.1704827336

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c0371cb133ff8944f921228ca2a127ea66a220bc3caa7cbea09f81a5af36a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/wp-content/uploads/bb-plugin/cache/460481-layout.css?ver=16feb8825e49811194f180afab7c27f6.1704827336
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 164377
alt-svc: h3=":443"; ma=86400
content-length: 34575
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Nov 2021 14:06:46 GMT
server: cloudflare
etag: "618145f6-870f"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xFtB1XvwjgwMH%2F1YQSJX%2BJXDAmCArD5xTQ2C236phvhrdekTMN0zI4Os%2BfTkTBx6a5DjCAUhXWtf6VLIqEoW3kiC3na6eYEfIkjokv1II320mGRmWJliYg69%2BQDv5hwYoOm%2B4ZbE0mOMwpL43w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f86ce7f0db-CDG

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 115ms
114ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%7CPlayfair+Display%3A700i%2C600italic%7CLato%3A700%2C400%2C300&ver=6.4.2.1704827336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:57:22 GMT
x-content-type-options: nosniff
age: 37112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:57:22 GMT

GET
H2 200 fa-brands-400.woff2
pro.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
75 KB 424ms
424ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.4/webfonts/fa-brands-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.7.4.2.1704827336
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39c658ef377f9ec31442c5343a15bdfc4c4653bcca74bc7d6fe4b3e736a60aa4

Request headers

Referer: https://pro.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.7.4.2.1704827336
Origin: https://bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
cf-cache-status: MISS
x-amz-request-id: KJS3Z3QN4HSBX158
content-length: 76728
x-amz-id-2: 1cmWwuVb5qLEMgJPfTokyGIb8lHkiQfiKv67Y8FmS3lWszntgx+VZE0v3r69s+tjWqSTseThbNs=
last-modified: Wed, 04 Aug 2021 20:59:34 GMT
server: cloudflare
etag: "f4120760fb40152d1bdb109103063c13"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 842f02f869f59a1b-FRA

GET
H3 200 Benefit-Events.png
bluestarfam.org/wp-content/uploads/2021/11/ 287 KB
288 KB 653ms
652ms Image
image/png 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2021/11/Benefit-Events.png

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dde23b1574cd345ee6646c82840876ec2a9c82bbc74f1dc615ab79e9f76a2297

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 294243
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Nov 2021 21:22:19 GMT
server: cloudflare
etag: "619c0a0b-47d63"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRuR6QlvqK95KiwePWKrtDUzSnedD1rzp5naidI3FEppQTpML9%2FMjg44F4bNJY3IDPPkevDEZF5A6ZYB%2F5oC8ZFAxQlir5zRQsvjujmEq3gP%2BnMRlEHIlQyl5lv%2BP18XIGrMzSO9U8WkOfFScj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f88d36f0db-CDG

GET
H3 200 Benefit-Perks-1.png
bluestarfam.org/wp-content/uploads/2022/02/ 739 KB
740 KB 659ms
657ms Image
image/png 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2022/02/Benefit-Perks-1.png

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b49682f0aa0b3a8c25109377d085c414c1bbba13eefb95d1dee843436d4d31e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 756864
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 15:57:55 GMT
server: cloudflare
etag: "62165983-b8c80"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBjA20NN7Siv%2FStfVfQMm%2FdC3zI8Nrb%2B6b5ag3J%2FCeBAhy7dKzSBke8IXJcOIDcOzKRU8z5UNT8d6yZt4vufWD3UgD%2BYORHr1KhfVoceODU%2BBh%2BFMeJWOCOhBc6RcUGX20mR6LyuUQAFLBQnVRI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f88d3bf0db-CDG

GET
H3 200 Benefit-Volunteer.png
bluestarfam.org/wp-content/uploads/2022/01/ 269 KB
270 KB 659ms
658ms Image
image/png 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2022/01/Benefit-Volunteer.png

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03e2b66b65bc9b8f81b39e116ff072e6ed881167e5b422327e0c19bd2092f83b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 275698
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 25 Jan 2022 16:08:17 GMT
server: cloudflare
etag: "61f02071-434f2"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mtFIJVqV%2F8JPRR15EqcQhzO%2F1wruvjfdphYH9lKlrU258hBkcuH8pwOXgoRc%2FYcj73rbRehRD9fdrxOPc2a4d4Ah%2BRiwE3tHbc1ZVOqUpQEK1h9h8akydn%2BjhcJOFWPMB4dzKXdeiDOdMBYGu%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f88d3ef0db-CDG

GET
H3 200 BSF_Neighborhood_Logo_02-2048x612.png
bluestarfam.org/wp-content/uploads/2020/04/ 102 KB
102 KB 654ms
653ms Image
image/png 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2020/04/BSF_Neighborhood_Logo_02-2048x612.png

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a9d01a33b132103cd816305a0ee3ce558f2c546973fc7368ae402dbea1da502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 104035
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Feb 2023 18:16:42 GMT
server: cloudflare
etag: "63ee730a-19663"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjkUEHoo33JTCXaJ%2F8EyQ0kmd1%2BbLxp7T0ZTpnObASsG5ns8%2FK6JkwRWvciAplROqPhISTJJUm4VLW6JLAZbKLladzhHc2OOIXRJIagSYLdGyljMhN7%2BOtkVG1b52TGtAvf4LKR5h69rY7%2B8hHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f88d41f0db-CDG

GET
H3 200 BSF_Website_Events_Icon-2048x1964.png
bluestarfam.org/wp-content/uploads/2021/11/ 582 KB
583 KB 713ms
711ms Image
image/png 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2021/11/BSF_Website_Events_Icon-2048x1964.png

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2edd56f3e38418f4a39abe669da43e9a49ed0b142a2cd3155c599f9aac8ee56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 596405
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Nov 2021 16:51:58 GMT
server: cloudflare
etag: "619bcaae-919b5"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMTGe59iIqrT5yUzBhMEUr8yS97woS9QnP8uVbNjZ2yIhwBi7xHbITlXcAfa2Xb%2BRRkIs6kZJZY77DhzfDxj9R%2BlMu4DgmMaArZazxd4PT13zny9xRFgm1geZ%2Fg9mX1yG%2FvCMoWQY7XdDsp2RVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f88d42f0db-CDG

GET
H3 200 BSF_Website_Volunteer_Icon.png
bluestarfam.org/wp-content/uploads/2023/07/ 75 KB
76 KB 662ms
661ms Image
image/png 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2023/07/BSF_Website_Volunteer_Icon.png

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab20823cb9ad461c90829c891f440cdbec2d195cb6502fe026e8bcdba526056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 76927
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 28 Jul 2023 17:04:34 GMT
server: cloudflare
etag: "64c3f522-12c7f"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyFjSs1wZZC3TQWXyhsq0zZTt%2FV8cE3XYZfg%2BQ1FB5%2BLuWn2KdmhA%2Bm%2FQfl9r%2F2uTRQmcYqqBrtbpdf2ZUTVaQiCVs3zcO9YO2WyaaE7bKSLhz2v%2BZQIaEEee0a5wBZKeQhEggHtuIrxYBmzODo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f88d44f0db-CDG

GET
H3 200 BSF_Website_Perks_Icon-2048x2044.png
bluestarfam.org/wp-content/uploads/2021/11/ 2 MB
2 MB 666ms
665ms Image
image/png 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2021/11/BSF_Website_Perks_Icon-2048x2044.png

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fee496081e87c76d4afb442786a5e6c48834a41a03729ddeefe1b60421fde159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1732712
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Nov 2021 16:52:14 GMT
server: cloudflare
etag: "619bcabe-1a7068"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bg0cYDjkKSOUSdQkHXRJhmhQyEMB2CTR%2BRF7OkAMvd7kjtmpBcG33IOTfv%2FHGiiRZ6nu3OOS%2B%2BGRAz6A%2FoGlJklX3pmb%2FijTJq6LD78ePOeVwmKUFlwpX0M81SFqwWfXiwv0cbFBXrAKvOT1LmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f88d45f0db-CDG

GET
H3 200 BSF_Website_Resources_Icon-2048x1578.png
bluestarfam.org/wp-content/uploads/2021/11/ 515 KB
516 KB 673ms
672ms Image
image/png 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2021/11/BSF_Website_Resources_Icon-2048x1578.png

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a11f1cd0494de7c684308829e164f5bf987a65d074b23635148be60bd88794f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 527256
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Nov 2021 16:52:20 GMT
server: cloudflare
etag: "619bcac4-80b98"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlWemRtwu9%2BSIYtdge0LLiEA0iQiLkYsLCAe4Ku1PuodRpClbKi1CSIarG0%2Br8hcP9%2FjZ08R7D5QTBXMBY3Vi7RnQdHo%2FBZm4K5N2fg5ucXtsYoEE4%2BCJqZFS9mwr3AyyyhWxPOkBBCVkN6Zxrg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f88d47f0db-CDG

GET
H3 200 BSF_SFMilCampaign_Cindy_1200x600_BlogHeader.jpg
bluestarfam.org/wp-content/uploads/2023/11/ 93 KB
93 KB 28ms
27ms Image
image/jpeg 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2023/11/BSF_SFMilCampaign_Cindy_1200x600_BlogHeader.jpg

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73af752a0ea79af64f093061131ead3baeee56b566fe29e8ab2bf875475de3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 164376
alt-svc: h3=":443"; ma=86400
content-length: 95012
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 22 Nov 2023 15:53:06 GMT
server: cloudflare
etag: "655e23e2-17324"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QQl8C23U4AFfbkoPRNuO%2FRXtu7O6CsxXAHbR4mCzBGSB119hpcJ59Fddx5qpDQZLfZ7VDPZwLWyrKhse35pGJiB9SSbJJOdo13v5bruxhXwbRPSSoTFQhN3AquFDZzMiqZZDvMGCzTxU9A0ICk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f88d49f0db-CDG

GET
H3 200 BSF_TMobile_Blog_EmailHeader_Nov23_1200x600.jpg
bluestarfam.org/wp-content/uploads/2023/11/ 235 KB
236 KB 32ms
31ms Image
image/jpeg 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2023/11/BSF_TMobile_Blog_EmailHeader_Nov23_1200x600.jpg

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fda11be389a45ffdaf3f925f3b697b46d07977e1a8c2f9cf18745936f4f1bf5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 164376
alt-svc: h3=":443"; ma=86400
content-length: 240806
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 09 Nov 2023 17:52:39 GMT
server: cloudflare
etag: "654d1c67-3aca6"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4B3%2BMQoc9%2BmAEbOJV46LshbYGL8UKg0yu0RrLg57lIwHR6JxkoDrs%2FIdLM7jIYojpsHPhaj3VJB4vLOkTwleI%2Fr390FgF9nkVOhyuqCza%2FLczBAyed2DRPBVO7GY2gnQaZFdfKcjQJT6oBCw7Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f88d4cf0db-CDG

GET
H3 200 BSF_NN_Header_Oct23-1.jpg
bluestarfam.org/wp-content/uploads/2023/10/ 135 KB
136 KB 641ms
641ms Image
image/jpeg 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bluestarfam.org/wp-content/uploads/2023/10/BSF_NN_Header_Oct23-1.jpg

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83719abe9b32c796c11d4968a2ff27abba69dc2a828e00f47da0a9575de39702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 138280
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 18:17:33 GMT
server: cloudflare
etag: "651b093d-21c28"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDSBhdDfbVJ4A10hJErvXZuq896%2FtTHVj8B15566RkhiDBSPB%2FNULVLVeJGECwGV3jrn%2F%2BvweF3YIuMnwJrZhf1%2F3n9eSig2X56HUd9vKGlsPjOYpelz70cBAOfzxUfUqcJOPBKe82EyrjnXTyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 842f02f88d4ef0db-CDG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2EZGDJEX25&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8DRL4H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

079ee7537f45a9d5581f2ad144c3d6205875a7ae46a2056fb7dc676ba4013a67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92810
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:54 GMT

GET
H2 200 678e7cd3-368d-4cf5-8a3f-2d820944505e.js Show response
cdn.mouseflow.com/projects/ 65 KB
19 KB 133ms
87ms Script
application/javascript 2606:4700::6812:1b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mouseflow.com/projects/678e7cd3-368d-4cf5-8a3f-2d820944505e.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8DRL4H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65727f531ab4e2a2e338d103458089c7744f7470289340986b5a32ef2be3d57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
x-mf-script-region: EU
last-modified: Mon, 18 Dec 2023 02:03:02 GMT
server: cloudflare
etag: W/"16dcda545631da1:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 842f02f9387565c1-FRA
expires: Wed, 10 Jan 2024 19:15:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 175ms
51ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8DRL4H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 17:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5257
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 09 Jan 2024 19:48:17 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/undefined/ 3 KB
2 KB 188ms
77ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/undefined/?random=1704827754385&cv=11&fst=1704827754385&bg=ffffff&guid=ON&async=1&gtm=45He4130v813160874&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbluestarfam.org%2F&label=https%3A%2F%2Fbluestarfam.org%2F&hn=www.googleadservices.com&frm=0&tiba=Welcome%20to%20Blue%20Star%20Families&value=0&bttype=purchase&auid=1383797309.1704827754&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8DRL4H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

279d0583e24f3b6f8cf77f2f38b460f7f196f8e6fd49793d6e1794462cf9891d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 19:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1620
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gf.js Show response
websites.cdn.getfeedback.com/embed/PrYUbztxMQ/ 119 KB
41 KB 39ms
8ms Script
text/javascript 2a04:4e42:400::432
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://websites.cdn.getfeedback.com/embed/PrYUbztxMQ/gf.js

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::432 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

980a5304c237fe64466f0c16d62a80412a53b5249c3a8b93407949c80af4fcfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
via: 1.1 spaces-router (devel), 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
age: 2265096
x-cache: HIT
content-length: 41230
x-xss-protection: 1; mode=block
x-request-id: 40e4516d-2137-f8e8-9a28-74ef81f4a54c
x-served-by: cache-fra-eddf8230023-FRA
x-runtime: 0.010898
referrer-policy: strict-origin-when-cross-origin
x-timer: S1704827754.423093,VS0,VE2
etag: W/"980a5304c237fe64466f0c16d62a8041"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
149 B 100ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=rai6x52&ct=0:6k8xwmb&fmt=3
Requested by: Host: bluestarfam.org
URL: https://bluestarfam.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 101ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2EZGDJEX25&gtm=45je4130v878323641z8813160874&_p=1704827754021&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=288225348.1704827755&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704827754&sct=1&seg=0&dl=https%3A%2F%2Fbluestarfam.org%2F&dt=Welcome%20to%20Blue%20Star%20Families&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2078
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2EZGDJEX25&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 19:15:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bluestarfam.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 163ms
52ms Ping
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2EZGDJEX25&cid=288225348.1704827755&gtm=45je4130v878323641z8813160874&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2EZGDJEX25&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 19:15:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bluestarfam.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 188ms
79ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2EZGDJEX25&cid=288225348.1704827755&gtm=45je4130v878323641z8813160874&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1898036884

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 19:15:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 58ms
58ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=663758542&t=pageview&_s=1&dl=https%3A%2F%2Fbluestarfam.org%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Blue%20Star%20Families&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1302709172&gjid=1188143705&cid=288225348.1704827755&tid=UA-10818124-1&_gid=1007818767.1704827755&_r=1&_slc=1&gtm=45He4130n81W8DRL4Hv813160874&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=2074748949

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bluestarfam.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 19:15:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bluestarfam.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/undefined/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1314145835&cv=11&fst=1704827754385&bg=ffffff&guid=ON&async=1&gtm=45He4130v813160874&gcd=11l1l1l1l1&dma_cps=sypham&...
https://www.google.com/pagead/1p-conversion/undefined/?random=1314145835&cv=11&fst=1704827754385&bg=ffffff&guid=ON&async=1&gtm=45He4130v813160874&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...
https://www.google.de/pagead/1p-conversion/undefined/?random=1314145835&cv=11&fst=1704827754385&bg=ffffff&guid=ON&async=1&gtm=45He4130v813160874&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...

42 B
154 B

67ms
67ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/undefined/?random=1314145835&cv=11&fst=1704827754385&bg=ffffff&guid=ON&async=1&gtm=45He4130v813160874&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbluestarfam.org%2F&label=https%3A%2F%2Fbluestarfam.org%2F&hn=www.googleadservices.com&frm=0&tiba=Welcome%20to%20Blue%20Star%20Families&value=0&auid=1383797309.1704827754&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1ByenJBWVF2TkROd3VmX3NMZVBBUkltQUZMemZ0T3FyT3R0dFVyVHpQN2dLNC1zcENWd18yWlZxaldMNkNjNHI4dktJMWk4NF93GlhDaEFJZ1ByenJBWVFrZm5Za0xyZjdxQi1FaTRBNk44Yk1YUTlNbnh3eWRWa09lM1RDaU1iUVdBZ096c01maDdsc3N6elIxTElLNVVCLVF0aDU1eXpaQzI0IhMIqPnYpYLRgwMVTMc7Ah0cDQ2t&is_vtc=1&ocp_id=apudZaicIMyO78EPnJq06Ao&cid=CAQSGwAvHhf_ormb0upEF1IdodaTJYa7AjfK0S0S0A&eitems=ChEIgPrzrAYQkbTW6cHVnIScARIdAMSJEBBhEdAqiLYxNxr_0xHDm9gMZVkVPbm4NbU&random=2573989685&ipr=y

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 19:15:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 19:15:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/undefined/?random=1314145835&cv=11&fst=1704827754385&bg=ffffff&guid=ON&async=1&gtm=45He4130v813160874&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbluestarfam.org%2F&label=https%3A%2F%2Fbluestarfam.org%2F&hn=www.googleadservices.com&frm=0&tiba=Welcome%20to%20Blue%20Star%20Families&value=0&auid=1383797309.1704827754&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ1ByenJBWVF2TkROd3VmX3NMZVBBUkltQUZMemZ0T3FyT3R0dFVyVHpQN2dLNC1zcENWd18yWlZxaldMNkNjNHI4dktJMWk4NF93GlhDaEFJZ1ByenJBWVFrZm5Za0xyZjdxQi1FaTRBNk44Yk1YUTlNbnh3eWRWa09lM1RDaU1iUVdBZ096c01maDdsc3N6elIxTElLNVVCLVF0aDU1eXpaQzI0IhMIqPnYpYLRgwMVTMc7Ah0cDQ2t&is_vtc=1&ocp_id=apudZaicIMyO78EPnJq06Ao&cid=CAQSGwAvHhf_ormb0upEF1IdodaTJYa7AjfK0S0S0A&eitems=ChEIgPrzrAYQkbTW6cHVnIScARIdAMSJEBBhEdAqiLYxNxr_0xHDm9gMZVkVPbm4NbU&random=2573989685&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 52ms
52ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-10818124-1&cid=288225348.1704827755&jid=1302709172&gjid=1188143705&_gid=1007818767.1704827755&_u=YADAAEAAAAAAACAAI~&z=1367734709

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bluestarfam.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 09 Jan 2024 19:15:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bluestarfam.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 186ms
76ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-10818124-1&cid=288225348.1704827755&jid=1302709172&_u=YADAAEAAAAAAACAAI~&z=74904614

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 19:15:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 77ms
77ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-10818124-1&cid=288225348.1704827755&jid=1302709172&_u=YADAAEAAAAAAACAAI~&z=74904614

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 19:15:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embedded-giving.js Show response
sdk.classy.org/ 42 KB
11 KB 59ms
33ms Script
text/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.classy.org/embedded-giving.js

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb5fce47dee3bb80729eb88ba515fcd5a2a13be169febe8f0ab14cfffdcdab4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 300
x-amz-request-id: 3ESCFF2AVK57SZC8
x-amz-server-side-encryption: AES256
x-amz-id-2: gJB6hAzzpxgo6w7Q5/L4AznQZOr15BRE1IttItcbM/kcV+YK5IeXNZYNBli2PJNy1fy0agw6hXY=
last-modified: Tue, 19 Dec 2023 19:04:26 GMT
cf-bgj: minify
server: cloudflare
etag: W/"b951865abe3fe020f6d8fd7f92567eb0"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60, s-maxage=900, stale-while-revalidate=60
cf-ray: 842f0300388c5c1a-FRA

GET
H3 200 wp-emoji-release.min.js Show response
bluestarfam.org/wp-includes/js/ 18 KB
5 KB 131ms
131ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bluestarfam.org/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2.1704827336

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 30 Mar 2023 02:34:13 GMT
server: cloudflare
etag: W/"6424f525-4904"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpBzB5KRYT0pfk6q7PeAqG6KA1oeZxcYPW3i5PkHunhikPJwi63WjhGmp2ZZPAv5FMY%2BzSGob5YNWsMMd3HARnmvwnftP3j%2FGFiGDxxeZzw2l0dLru047p6AT4zpc%2B1nDa%2FMy7HRAfwOw96C3cQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
cf-ray: 842f03002851f0db-CDG

GET
H/1.1 200
OK info Show response
api.chatfast.io/chatbot/public/ 1 KB
1 KB 326ms
124ms Fetch
application/json 67.205.187.203
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.chatfast.io/chatbot/public/info?chatBotId=93ee97e6-28e7-4a08-93e2-fa741a72e4e3
Requested by: Host: chatfast.io
URL: https://chatfast.io/chat.script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.205.187.203 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.22.0 (Ubuntu) /
Resource Hash: 6b9de8ae9711379e233c08e222a91d5e4f4a84d7d878758a5bd34e23434f4b80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 09 Jan 2024 19:15:55 GMT
Access-Control-Expose-Headers: X-Data-Sources
Server: nginx/1.22.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 317ms
102ms Image
image/gif 107.23.86.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1608587594&u=3869286068025083&v=4227323475017413&s=7240878032041607&b=web&tv=4.0&z=0&h=%2F&d=bluestarfam.org&t=Welcome%20to%20Blue%20Star%20Families&ts=1704827755558&st=1704827755558

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.23.86.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-86-50.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 19:15:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 / Show response
connect.bluestarfam.org/give/474515/ Frame 2340 95 KB
30 KB 1203ms
1058ms Document
text/html 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.bluestarfam.org/give/474515/

Requested by

Host: sdk.classy.org
URL: https://sdk.classy.org/embedded-giving.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d2f00480ba62a516b204cc50b4ce12e863467ec26dc8d4089f6e7c62c7c2c29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://bluestarfam.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluestarfam.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 842f03017ecb6f6a-CDG
content-encoding: br
content-security-policy: frame-ancestors 'self' https://bluestarfam.org;
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 19:15:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPuzCDeDG2%2BQgCAGokOryMTf86S7fc56DmikXuhGyx5wmZfFHk7dHhItx5hv9mTMYslF7f%2B5MaioXgknn%2FFo31UOI2K1dLQkzdrUwfs%2FTeg2aXcORJpTqZrGtt44dGgFx6Wq%2BnOmvjeUvy5qJbR4mnvExbPW1w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

93ee97e6-28e7-4a08-93e2-fa741a72e4e3 Show response
www.chatfast.io/chat/ Frame 7E8B
Redirect Chain

https://chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

27 KB
7 KB

10ms
10ms

Document
text/html

76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Requested by

Host: chatfast.io
URL: https://chatfast.io/chat.script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2873523ef067691dff910b96ab65cffa8c0ebfeb68275c89256f0154a7eb0d4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://bluestarfam.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 1676222
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="[id]"
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 19:15:55 GMT
etag: W/"bcb9c163535300d79d252a65fafe3108"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /en-US/chat/[id]
x-vercel-cache: HIT
x-vercel-id: fra1::2bnzd-1704827755882-27ab47c92c43

Redirect headers

cache-control: public, max-age=0, must-revalidate
content-type: text/html
date: Tue, 09 Jan 2024 19:15:55 GMT
location: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
refresh: 0;url=https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-id: fra1::v6j4p-1704827755872-a6c1f7937763

GET
H2 200 5d1ac1c0caa348eb.css
www.chatfast.io/_next/static/css/ Frame 7E8B 5 KB
2 KB 9ms
9ms Stylesheet
text/css 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/css/5d1ac1c0caa348eb.css

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f277c1c8f3b3658ce515beec3b5b6475da75f30cf1f8277b9d6e519fe6d87c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::2bnzd-1704827755895-a78ea49c68f8
age: 1680875
x-matched-path: /_next/static/css/5d1ac1c0caa348eb.css
etag: W/"dd9ce416df98467feac11145d0b3d3a9"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5d1ac1c0caa348eb.css"

GET
H2 200 716e8aff09c63217.css
www.chatfast.io/_next/static/css/ Frame 7E8B 231 B
401 B 12ms
11ms Stylesheet
text/css 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/css/716e8aff09c63217.css

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

90902d6519b4893fb55f9be1a6552d291b8d14f455c528b5848c017ae91014d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::j7pzp-1704827755894-2a529153feac
age: 1681372
x-matched-path: /_next/static/css/716e8aff09c63217.css
etag: "07a273a8e2f2a21b1ec462b6a24daf5e"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="716e8aff09c63217.css"
accept-ranges: bytes
content-length: 231

GET
H2 200 webpack-d36b50b5fb8708d9.js Show response
www.chatfast.io/_next/static/chunks/ Frame 7E8B 2 KB
1 KB 17ms
16ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/chunks/webpack-d36b50b5fb8708d9.js

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6157a7930e0b61cc770e870221c1c76d482ed12252efd952fd9d084a491d7ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::j7pzp-1704827755908-826e1382e5b6
age: 1680174
x-matched-path: /_next/static/chunks/webpack-d36b50b5fb8708d9.js
etag: W/"16ec3592970bb26d76a17951fee0ad5a"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-d36b50b5fb8708d9.js"

GET
H2 200 framework-1f1fb5c07f2be279.js Show response
www.chatfast.io/_next/static/chunks/ Frame 7E8B 138 KB
46 KB 10ms
9ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/chunks/framework-1f1fb5c07f2be279.js

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

13b25bb108f8024f644b2ed5dbc9a7abd6e95ee689e10910e91da0d654583383

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::2bnzd-1704827755908-0494f33bc4c6
age: 1678589
x-matched-path: /_next/static/chunks/framework-1f1fb5c07f2be279.js
etag: W/"da99253ac978dcdbbc051a9a987ae1b4"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="framework-1f1fb5c07f2be279.js"

GET
H2 200 main-c0c1edbcf0d13121.js Show response
www.chatfast.io/_next/static/chunks/ Frame 7E8B 90 KB
29 KB 18ms
17ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/chunks/main-c0c1edbcf0d13121.js

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

cc60672d61f01b97b4a19b06998f22c70f54f58ebf1eb132600e1a4b46fbc2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::ntxr7-1704827755908-d8ce1d2bd12b
age: 1693293
x-matched-path: /_next/static/chunks/main-c0c1edbcf0d13121.js
etag: W/"0fa32d5f2e2d335a7b5265eba7778625"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-c0c1edbcf0d13121.js"

GET
H2 200 _app-e453a206e631670c.js Show response
www.chatfast.io/_next/static/chunks/pages/ Frame 7E8B 653 KB
190 KB 29ms
28ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/chunks/pages/_app-e453a206e631670c.js

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8029ee9017cac4ffeb3c57d4a394a929759ccf0cd8ed5df0d79d4629a814a605

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::9r6cq-1704827755910-39379eb67724
age: 1672354
x-matched-path: /_next/static/chunks/pages/_app-e453a206e631670c.js
etag: W/"94cdd94ad381d133122f6e469ba9d86c"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_app-e453a206e631670c.js"

GET
H2 200 75fc9c18-2cc04cd5a8e46304.js Show response
www.chatfast.io/_next/static/chunks/ Frame 7E8B 57 KB
20 KB 10ms
9ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/chunks/75fc9c18-2cc04cd5a8e46304.js

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

712734c04ca7888e85175a955b2cef0e0bd48a7abd4f385b3429ef8121999459

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::xt87k-1704827755908-55b3f767344f
age: 1671490
x-matched-path: /_next/static/chunks/75fc9c18-2cc04cd5a8e46304.js
etag: W/"24c07ceb0d5c0fd5367679573ae0cb9f"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="75fc9c18-2cc04cd5a8e46304.js"

GET
H2 200 78e521c3-ffaaec9715858159.js Show response
www.chatfast.io/_next/static/chunks/ Frame 7E8B 852 B
1 KB 24ms
23ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/chunks/78e521c3-ffaaec9715858159.js

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5a3ed9e417a102c92f939a0474f4dba6a81283770bb15c7fde89cb83a6f70206

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::vt8f2-1704827755908-eea8b73a116b
age: 1671621
x-matched-path: /_next/static/chunks/78e521c3-ffaaec9715858159.js
etag: "6a89feaabd5f8291170f2c081c597141"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="78e521c3-ffaaec9715858159.js"
accept-ranges: bytes
content-length: 852

GET
H2 200 3799-30ec13d58a6215f9.js Show response
www.chatfast.io/_next/static/chunks/ Frame 7E8B 49 KB
17 KB 17ms
16ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/chunks/3799-30ec13d58a6215f9.js

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

863de28b952f5a94fc1c43207c6ac046cf1dc13a2d78fc9bafbc61236da6c390

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::86zw8-1704827755908-95fae425bea6
age: 1670871
x-matched-path: /_next/static/chunks/3799-30ec13d58a6215f9.js
etag: W/"fe136b15ca90d9870d03db9009214637"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="3799-30ec13d58a6215f9.js"

GET
H2 200 8770-06aa45a4302ba7d5.js Show response
www.chatfast.io/_next/static/chunks/ Frame 7E8B 18 KB
7 KB 25ms
24ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/chunks/8770-06aa45a4302ba7d5.js

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2ff5670c3090f70ad0db9e0a0149d56febe0d00dfb135e82fa6a904b94ee205e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::q2tlb-1704827755908-2bc6f9102879
age: 1689506
x-matched-path: /_next/static/chunks/8770-06aa45a4302ba7d5.js
etag: W/"1862715378122bb9e8a2b5e02dabd70f"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="8770-06aa45a4302ba7d5.js"

GET
H2 200 5137-6ab81b98ef031825.js Show response
www.chatfast.io/_next/static/chunks/ Frame 7E8B 24 KB
8 KB 235ms
234ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/chunks/5137-6ab81b98ef031825.js

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

abf40a47d6572e713c729378c05e02bc3c6c8237ab01327698630fe217dbbed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:56 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::6hbsz-1704827756124-fedff6cf8558
age: 1682019
x-matched-path: /_next/static/chunks/5137-6ab81b98ef031825.js
etag: W/"74daf04874c029b5243f74e704a373bd"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5137-6ab81b98ef031825.js"

GET
H2 200 184-c0a124f76a4638e0.js Show response
www.chatfast.io/_next/static/chunks/ Frame 7E8B 9 KB
3 KB 23ms
22ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/chunks/184-c0a124f76a4638e0.js

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ccff18cd3d82699d577f149b218e1b13f6a10a642499ebf4b26813ad96118664

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::lm4b5-1704827755909-774757218ca5
age: 1694903
x-matched-path: /_next/static/chunks/184-c0a124f76a4638e0.js
etag: W/"77106559a7cd8900e10586b45afafa3e"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="184-c0a124f76a4638e0.js"

GET
H2 200 7185-111fe6182786f7ae.js Show response
www.chatfast.io/_next/static/chunks/ Frame 7E8B 16 KB
6 KB 27ms
27ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/chunks/7185-111fe6182786f7ae.js

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b4817e3bea7a4cb0dd3f59d0b49705e3e9b00665b7b8b01e77b3973ca2c58139

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::ntxr7-1704827755914-f67bebe7c5b1
age: 1689427
x-matched-path: /_next/static/chunks/7185-111fe6182786f7ae.js
etag: W/"82592feeddf4c3446ed4b8c70f49a02b"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="7185-111fe6182786f7ae.js"

GET
H2 200 %5Bid%5D-e5667db75b856c86.js Show response
www.chatfast.io/_next/static/chunks/pages/chat/ Frame 7E8B 15 KB
6 KB 27ms
26ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/chunks/pages/chat/%5Bid%5D-e5667db75b856c86.js

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7494a6bc64d75edf135b63d99de9759261f68a1b9ba0aff8a0439b9f08f34128

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::vt8f2-1704827755914-673831383213
age: 1677454
x-matched-path: /_next/static/chunks/pages/chat/%5Bid%5D-e5667db75b856c86.js
etag: W/"421da280ade9831c1228ed9dff6dfed4"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="[id]-e5667db75b856c86.js"

GET
H2 200 _buildManifest.js Show response
www.chatfast.io/_next/static/C0GR4-uWaBFzHIFGAc4_u/ Frame 7E8B 6 KB
2 KB 28ms
28ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/C0GR4-uWaBFzHIFGAc4_u/_buildManifest.js

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

55edee847711b85e1696cb3314c5310acae748344a4e58a2e70c28560ed4fa88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::lm4b5-1704827755920-211e7f39ebbb
age: 1703667
x-matched-path: /_next/static/C0GR4-uWaBFzHIFGAc4_u/_buildManifest.js
etag: W/"d9e1f3026484876e1c239fd1aff9187d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"

GET
H2 200 _ssgManifest.js Show response
www.chatfast.io/_next/static/C0GR4-uWaBFzHIFGAc4_u/ Frame 7E8B 153 B
354 B 26ms
25ms Script
application/javascript 76.76.21.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.chatfast.io/_next/static/C0GR4-uWaBFzHIFGAc4_u/_ssgManifest.js

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ba8c417fe459503ef3df40c94fd5a9f2603aa7762dfdd731b8f52e683934b62c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/chat/93ee97e6-28e7-4a08-93e2-fa741a72e4e3?isPopUp=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:55 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::2bnzd-1704827755914-2d23941156be
age: 1675060
x-matched-path: /_next/static/C0GR4-uWaBFzHIFGAc4_u/_ssgManifest.js
etag: "98fd674c39c37ac0d7a3bf7a2db9a218"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_ssgManifest.js"
accept-ranges: bytes
content-length: 153

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:168561618603:web:efdaa5450fa3c46207d1ee/ Frame 7E8B 262 B
379 B 74ms
73ms Fetch
application/json 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:168561618603:web:efdaa5450fa3c46207d1ee/webConfig

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/_next/static/chunks/pages/_app-e453a206e631670c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

979178f38ca5267225638fca677c3171f994aa0f5341996949a6712257c98c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://www.chatfast.io/
x-goog-api-key: AIzaSyBwlxRA6p2Httb-w87hxqHORiWh4gqXECM
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.chatfast.io
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:168561618603:web:efdaa5450fa3c46207d1ee/ Frame 0
0 178ms
68ms Preflight
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:168561618603:web:efdaa5450fa3c46207d1ee/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://www.chatfast.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.chatfast.io
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 09 Jan 2024 19:15:56 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/chatfast-prod/ Frame 0
0 192ms
68ms Preflight
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/chatfast-prod/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://www.chatfast.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.chatfast.io
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 09 Jan 2024 19:15:56 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/chatfast-prod/ Frame 7E8B 623 B
677 B 315ms
314ms Fetch
application/json 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/chatfast-prod/installations

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/_next/static/chunks/pages/_app-e453a206e631670c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfd77f94f7b66d70b46bef9c0f11d4b0a247fb5bd9312379f5c80c77a59f5dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://www.chatfast.io/
x-goog-api-key: AIzaSyBwlxRA6p2Httb-w87hxqHORiWh4gqXECM
accept-language: de-DE,de;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMCBmaXJlLWNvcmUtZXNtMjAxNy8wLjkuMCBmaXJlLWpzLyBmaXJlLWF1dGgvMC4yMS4wIGZpcmUtYXV0aC1lc20yMDE3LzAuMjEuMCBmaXJlLWlpZC8wLjYuMCBmaXJlLWlpZC1lc20yMDE3LzAuNi4wIGZpcmUtYW5hbHl0aWNzLzAuOS4wIGZpcmUtYW5hbHl0aWNzLWVzbTIwMTcvMC45LjAiLCJkYXRlcyI6WyIyMDI0LTAxLTA5Il19XX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/json

Response headers

date: Tue, 09 Jan 2024 19:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.chatfast.io
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 487
x-xss-protection: 0

GET
H2 200 rw.js Show response
r.wdfl.co/ Frame 7E8B 17 KB
5 KB 92ms
14ms Script
text/javascript 2600:9000:26db:5800:1b:348c:b140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.wdfl.co/rw.js
Requested by: Host: www.chatfast.io
URL: https://www.chatfast.io/_next/static/chunks/main-c0c1edbcf0d13121.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:5800:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33a61de875ae2f9d173fb55f48e20aae59d95f2e8accebe0950b67289a24dfb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:33:35 GMT
content-encoding: gzip
via: 1.1 129b4a1f09d5313624ec15fced944d6e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 08:33:32 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 2542
x-amz-server-side-encryption: AES256
etag: W/"f9935faeda3a646105b8eb478ef91a21"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: rjYvQjZbGJKN0gbEXMKGrL5EA2HoatYBvzZE1Zqs2YjPUUtrqrvUDQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7E8B 230 KB
80 KB 90ms
89ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11368937099

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/_next/static/chunks/main-c0c1edbcf0d13121.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1727744eeded036f36fd15abfc4d5f253991caf0a29f357d1398922cd6feda1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81815
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jan 2024 19:15:56 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 7E8B 212 KB
76 KB 66ms
66ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=G-K6ENKF560M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a64e1f121af32758e42db99e4f4267368684e6c87c7637635889e7e459801f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77828
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:56 GMT

GET
H/1.1 200
OK info Show response
api.chatfast.io/chatbot/public/ Frame 7E8B 1 KB
1 KB 123ms
123ms XHR
application/json 67.205.187.203
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.chatfast.io/chatbot/public/info?chatBotId=93ee97e6-28e7-4a08-93e2-fa741a72e4e3
Requested by: Host: www.chatfast.io
URL: https://www.chatfast.io/_next/static/chunks/pages/_app-e453a206e631670c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.205.187.203 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.22.0 (Ubuntu) /
Resource Hash: 6b9de8ae9711379e233c08e222a91d5e4f4a84d7d878758a5bd34e23434f4b80

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.chatfast.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 09 Jan 2024 19:15:56 GMT
Access-Control-Expose-Headers: X-Data-Sources
Server: nginx/1.22.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7E8B 213 KB
76 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-K6ENKF560M

Requested by

Host: www.chatfast.io
URL: https://www.chatfast.io/_next/static/chunks/pages/_app-e453a206e631670c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

765c31ecd80738fad319963657f2fd15f0e5164cfb76dd8e302258dad0365299

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77996
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:56 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7E8B 231 KB
80 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11368937099&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=G-K6ENKF560M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4de24a64d0ffeef0f666281a629bb4e220f53068107d076f3c364d810cfb3396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81876
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jan 2024 19:15:56 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11368937099/ Frame 7E8B 3 KB
2 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11368937099/?random=1704827756383&cv=11&fst=1704827756383&bg=ffffff&guid=ON&async=1&gtm=45be4130h1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.chatfast.io%2Fchat%2F93ee97e6-28e7-4a08-93e2-fa741a72e4e3%3FisPopUp%3Dtrue&ref=https%3A%2F%2Fbluestarfam.org%2F&top=https%3A%2F%2Fbluestarfam.org%2F&hn=www.googleadservices.com&frm=2&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11368937099

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f15a3adf9a5ce932a9451a3cfd12899cacb1404e0dce9d045463c396c87ca6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 19:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11368937099/ Frame 7E8B 42 B
108 B 66ms
65ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11368937099/?random=1704827756383&cv=11&fst=1704826800000&bg=ffffff&guid=ON&async=1&gtm=45be4130h1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.chatfast.io%2Fchat%2F93ee97e6-28e7-4a08-93e2-fa741a72e4e3%3FisPopUp%3Dtrue&ref=https%3A%2F%2Fbluestarfam.org%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_C_ngVicZ84m6SbE-0idKQcMFI1eH1LHf312W8gpTEb6KLq71&random=1013728598&rmt_tld=0&ipr=y

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 19:15:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/11368937099/ Frame 7E8B 42 B
64 B 65ms
64ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11368937099/?random=1704827756383&cv=11&fst=1704826800000&bg=ffffff&guid=ON&async=1&gtm=45be4130h1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.chatfast.io%2Fchat%2F93ee97e6-28e7-4a08-93e2-fa741a72e4e3%3FisPopUp%3Dtrue&ref=https%3A%2F%2Fbluestarfam.org%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_C_ngVicZ84m6SbE-0idKQcMFI1eH1LHf312W8gpTEb6KLq71&random=1013728598&rmt_tld=1&ipr=y

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.chatfast.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 19:15:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.css
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/ Frame 2340 1 MB
146 KB 50ms
32ms Stylesheet
text/css 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css

Requested by

Host: connect.bluestarfam.org
URL: https://connect.bluestarfam.org/give/474515/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd3d080b3efdafd916a7f950f339082a53a3832f3d9d13577b0664abeec587a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: G92MCSWZZDEAVQ48
age: 64229
cf-polished: origSize=1156430
x-amz-server-side-encryption: AES256
x-amz-id-2: x/JR00a+3fQViu7OcexjrT+lvpLGkfKWcVQnRDWtX7macEeYfbEcV/Z8T5Li5FVWNLkLO+nZ3E4=
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 22:05:11 GMT
server: cloudflare
etag: W/"0ceb9eeb4ac62d24b00d120740a22187"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 842f0308a8a25c1a-FRA

GET
H2 200 ddplugin.css
files.doublethedonation.com/app/ Frame 2340 141 KB
17 KB 71ms
9ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.css
Requested by: Host: connect.bluestarfam.org
URL: https://connect.bluestarfam.org/give/474515/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frb/6722) /
Resource Hash: 60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 09 Jan 2024 19:15:56 GMT
content-encoding: gzip
content-md5: ZRi6wreqb8lyrsIdYQAn/Q==
age: 1716
x-cache: HIT
content-length: 16794
x-ms-lease-status: unlocked
last-modified: Thu, 28 Dec 2023 21:30:36 GMT
server: ECAcc (frb/6722)
etag: 0x8DC07EC3B4476F3
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-ms-request-id: 0f0f3eb6-001e-007a-602c-435847000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Tue, 09 Jan 2024 20:15:56 GMT

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 2340 131 KB
45 KB 59ms
17ms Script
application/javascript 2600:9000:26da:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: connect.bluestarfam.org
URL: https://connect.bluestarfam.org/give/474515/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

76164d9d399c8baca4656cd791982fdbd043413f39cf1a56c2d36c12ceb0b7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:56 GMT
content-encoding: br
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: x0iEgx_rMqAKCtlqjPCSJIauNgY9l8F5GLO6gram-qNCjWZoB1W7ng==
x-xss-protection: 1; mode=block

GET
H3 200 rocket-loader.min.js Show response
connect.bluestarfam.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 2340 12 KB
4 KB 25ms
25ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.bluestarfam.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: connect.bluestarfam.org
URL: https://connect.bluestarfam.org/give/474515/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/give/474515/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a422-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2SzR0lJoWTF4CVD%2Fe4Dsj2AAamS74QCp1GACFBZoRXifeTmPSBUe4WcvNCM9GLMJtT6ZZtLn7bin%2BQXBC%2BuObshii%2BzuG8c1uB%2BtAvDmj2dTBCUvsFOgNEVHDw0h3g0Jp9ZaEzVKft0eRUIjllYGScPCQhh%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 842f03091cd9f0db-CDG
expires: Thu, 11 Jan 2024 19:15:56 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 2340 20 KB
7 KB 81ms
52ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: connect.bluestarfam.org
URL: https://connect.bluestarfam.org/give/474515/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://connect.bluestarfam.org/
Origin: https://connect.bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:57 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 842f03096ecb2bb6-FRA

GET
H2 404 fontello.css
files.doublethedonation.com/fontello/css/ Frame 2340 0
0 394ms
394ms Stylesheet
application/xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/fontello/css/fontello.css
Requested by: Host: files.doublethedonation.com
URL: https://files.doublethedonation.com/app/ddplugin.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://files.doublethedonation.com/app/ddplugin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 09 Jan 2024 20:15:57 GMT
x-ms-request-id: 8f5e5881-f01e-0051-4a30-43d88b000000
date: Tue, 09 Jan 2024 19:15:57 GMT
cache-control: max-age=3600
server: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0
content-length: 223
content-type: application/xml

GET
H2 200 xdi.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 2340 26 KB
12 KB 44ms
16ms Script
text/javascript 2600:9000:26da:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/xdi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9669a10126dc3af0dfb585a7d1f1359638262289968aa7c202ad70de3371f073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.bluestarfam.org/
Origin: https://connect.bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 2HwkiXQectHLaswMS7GXtsj7Fj29XM2H
content-encoding: gzip
via: 1.1 a0b81f8bd65c71136dc6b5c239feb2b8.cloudfront.net (CloudFront)
date: Tue, 09 Jan 2024 12:26:17 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 45897
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"00c3b072683167edc19c510fffec8e50-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: BM69vcoEfbK3TkMlCMAf5-8dQlBhqNxLX24pYvkzlMOZ8k9IRiOUpg==

GET
H2 200 ui.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 2340 267 KB
77 KB 39ms
19ms Script
text/javascript 2600:9000:26da:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.bluestarfam.org/
Origin: https://connect.bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: pGLiXkBTZEwR1GE0xA6XjctsUE08zxMZ
content-encoding: gzip
via: 1.1 a0b81f8bd65c71136dc6b5c239feb2b8.cloudfront.net (CloudFront)
date: Tue, 09 Jan 2024 04:13:30 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 68737
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fc84468acd1aa46963b34967f73979cb-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: zLh56kXSnG8Q79RY3fEO0RU9fLcbxSuA3Fv6zNDuRDpgYg7KFxE-8g==

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ Frame 2340 19 KB
5 KB 516ms
124ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:57 GMT
last-modified: Tue, 28 Nov 2023 19:42:13 GMT
etag: "8018dbfb3222da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4905
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ Frame 2340 7 KB
3 KB 58ms
29ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:57 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4972841
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HF3KZ2W09N5ZGZ7JA5R0MNGX-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 842f030bfc1c695e-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/donation/ Frame 2340 184 KB
38 KB 33ms
32ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/donation/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3073bd17061938f0b03a1cda1ed31d8e0f4ac3c5003ad3b38d9c7e2e837eb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:11 GMT
server: cloudflare
x-amz-request-id: G92MZ9ZYZ7AJDKTH
age: 64424
etag: W/"2d306c8b40756deed670707bd257d4cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 842f030bcb6d5c1a-FRA
x-amz-id-2: zsRonJdgAPM/O25vIDDse+hlonH7TukDrFoJY3pmfBIQmjte4DsWXp2XeL+QV7V4h+LNio+fwYk=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/ Frame 2340 2 MB
388 KB 45ms
44ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24461e8609af6616b65acb3145728531e2470e8f3fef3373f8764cee4ff3d500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: G92V88CTDE7QTZ4G
age: 64750
etag: W/"9e8f84ac4daf7d759d927320005908c6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 842f030bcb6e5c1a-FRA
x-amz-id-2: KtodyksCIkQdm/rkqGntCnKmUD6XRFxiHQWFsDyjfdgprJ5Xn4EBXRZ7V6Eimk0gdB9RyjgKOJA=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/ Frame 2340 1 MB
429 KB 38ms
37ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/libs.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: G92Q4MPN3ZHFYTVQ
age: 64750
etag: W/"89ff3b468454fac32729fc74e3c9be17"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 842f030bcb705c1a-FRA
x-amz-id-2: q7jZdGf1h/lSPY0WWazpCB1tCJk53l4lZbCFwoTRlOjvtIkhgAtj69vftfje+bLE11vO8Mk5dA0=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame 2340 142 KB
43 KB 91ms
49ms Script
application/javascript 108.138.36.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-51.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 582ed2a17ad982cabe1409e2f0ae4ed41c2a4dafcae2eda420932c50f271501f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:39:19 GMT
x-amz-version-id: W6p4tsyiQSSkryDd2WGCZGaSd7092r1a
content-encoding: gzip
via: 1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
x-amz-request-id: KPPHKVEPR955D95K
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
age: 2199
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: +54t/m6guAcfAxkgse77FcYjkDO2h30ShbomVcvO+fOypJRjSCfJ+u5EH50oPl8AFTLnuxCjf8Y=
last-modified: Tue, 09 Jan 2024 17:59:23 GMT
server: AmazonS3
etag: W/"93abb9758b094a6ece7e947b8634fee2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: Nwo7Pn3RX711tpj6He_BacQr8YyhPUkXI0pdYjIeqP8wvILcNo2KOw==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 2340 581 KB
162 KB 36ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c0bac4713d19aedd24d4c88ff6416f4949f48c6102939f4a5bffcb610f7a7719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:57 GMT
via: 1.1 varnish
age: 7
x-cache: HIT
content-length: 165199
x-request-id: b29fdebf-a01f-4ca8-891b-b46648f58e31
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Mon, 08 Jan 2024 22:27:51 GMT
server: Fastly
etag: "59df844eda15ab5eb053e9fa6e8c7f90"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 ddplugin.js Show response
files.doublethedonation.com/app/ Frame 2340 453 KB
117 KB 8ms
8ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frb/6751) /
Resource Hash: 07011c0eb448b2974517b5543e07a25ad4c65faeeaa74ddb6655bb74ef7e98e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 09 Jan 2024 19:15:57 GMT
content-encoding: gzip
content-md5: wJ7m+shed8Soq5xFbLESyQ==
age: 387
x-cache: HIT
content-length: 119516
x-ms-lease-status: unlocked
last-modified: Thu, 28 Dec 2023 21:30:36 GMT
server: ECAcc (frb/6751)
etag: 0x8DC07EC3B4FBFEC
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ms-request-id: 552f71b2-301e-004e-3d2f-436b8f000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Tue, 09 Jan 2024 20:15:57 GMT

GET
H2 200 cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 2340 15 KB
4 KB 16ms
14ms Stylesheet
text/css 2600:9000:26da:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: JWSMp_NTaRFeSeqpmxFPkel0LiL4cMwY
content-encoding: gzip
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
date: Tue, 09 Jan 2024 05:04:13 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 51159
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fb3f2afd9f46893bb196329ab90276a6-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: Zi6Uofq-FEQNHlQhck9c8j28z3fyhdttMVZ2Su7Hk0L1OKlFkOX6dQ==

GET
H2 200 en.json Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ Frame 2340 8 KB
3 KB 21ms
20ms Fetch
application/json 2600:9000:26da:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26da:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:52:38 GMT
x-amz-version-id: Pw3hE5sAYQ0kvHESktDQjUKbfeKteOb6
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a0b81f8bd65c71136dc6b5c239feb2b8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P4
age: 48200
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"ecabc5423541bd640b7f7a45cb696671-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: r2sAZIHYq814xe2xhDtUjSq3sCVw3bkFrUEoDz4uix62DUZRbrTWDw==

GET
H3 200 sdk.js Show response
connect.bluestarfam.org/sso/ Frame 2340 26 KB
7 KB 540ms
540ms Script
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.bluestarfam.org/sso/sdk.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca59ea276635e06f4153a8979c26329c234dcc44673066902f6971ecdefc758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/give/474515/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 09 Jan 2024 09:44:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9fjx8KKM45ycaU94Vl4WTUbRx6GV5rYU%2BggRLI%2BqkouTzVdjCCM4NJN4C8flFY3%2Bc0d7f7CBS0tRZEJxTETEmTNgz22saf3mUgoVOckG%2FetrsOKSkx0K%2FH7sRi6ocyhy31o1drw89152a7ryEyGqXydZY3qiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 842f030d0eadf0db-CDG
alt-svc: h3=":443"; ma=86400
expires: Tue, 09 Jan 2024 19:35:58 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 2720 200 B
818 B 7ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.bluestarfam.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2984644
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 19:15:57 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 138914
x-content-type-options: nosniff
x-request-id: a965c2d8-f969-4b1c-bd20-78fdcde45be3
x-served-by: cache-fra-eddf8230066-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 2340 993 B
2 KB 190ms
80ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 09 Jan 2024 19:15:58 GMT

POST
H3 200 rum Show response
connect.bluestarfam.org/cdn-cgi/ Frame 2340 0
72 B 36ms
35ms XHR
text/plain 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.bluestarfam.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-3d11b99ac3b973a0----1704827758037
traceparent: 00-29b5ec909bc4dff0d9ef918224cafc10-3d11b99ac3b973a0-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzZDExYjk5YWMzYjk3M2EwIiwidHIiOiIyOWI1ZWM5MDliYzRkZmYwZDllZjkxODIyNGNhZmMxMCIsInRpIjoxNzA0ODI3NzU4MDM3fX0=
content-type: application/json
Referer: https://connect.bluestarfam.org/give/474515/

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 842f030fcd6af0db-CDG
x-frame-options: DENY

GET
H3 200 channels Show response
connect.bluestarfam.org/frs-api/campaigns/474515/ Frame 2340 1 KB
1 KB 482ms
482ms XHR
application/json 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.bluestarfam.org/frs-api/campaigns/474515/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29c2c473a58e0e8619f3e8c95bafd60abe0bde7dd67d23d731af24f348675775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: T5l8hiDZ-LwY0UsAkMg9k-pW898IzDTCYNBU
tracestate: 423787@nr=0-1-423787-363751183-9086d67db6642120----1704827758038
traceparent: 00-54b2ca55e02b3a67a6e1ee98f6d134a0-9086d67db6642120-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5MDg2ZDY3ZGI2NjQyMTIwIiwidHIiOiI1NGIyY2E1NWUwMmIzYTY3YTZlMWVlOThmNmQxMzRhMCIsInRpIjoxNzA0ODI3NzU4MDM4fX0=
Accept: application/json, text/plain, */*
csrf-token: T5l8hiDZ-LwY0UsAkMg9k-pW898IzDTCYNBU
Referer: https://connect.bluestarfam.org/give/474515/

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"40e-XTi6q8+Qb4w/s+yFvb4uJWMtDjk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJtSpC2jTy7yQFzagNzJQT5o05ZX%2BKzsbUBImAkLkMFaoYzEZLDlFExCr2xunLl7Esw3vrjePKZB6V3JcBVx00QKz7k%2BLgFKIu2aDOMWwxgPVibCWtzTkKV%2B0O8oa9rlDZh3qS2P2IWNS%2BZTuSrfsIbH9%2Ba0jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 842f030fcd78f0db-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 tax-entities Show response
connect.bluestarfam.org/frs-api/organizations/61034/ Frame 2340 629 B
877 B 464ms
464ms XHR
application/json 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.bluestarfam.org/frs-api/organizations/61034/tax-entities

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9d23d3c15e51600399a49c18dcfb89380443ef5e1e4ac15326bde696f3acb0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: T5l8hiDZ-LwY0UsAkMg9k-pW898IzDTCYNBU
tracestate: 423787@nr=0-1-423787-363751183-6ad3ed6b9892ba70----1704827758060
traceparent: 00-2c9fbabc673785051a85715d835a57c0-6ad3ed6b9892ba70-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2YWQzZWQ2Yjk4OTJiYTcwIiwidHIiOiIyYzlmYmFiYzY3Mzc4NTA1MWE4NTcxNWQ4MzVhNTdjMCIsInRpIjoxNzA0ODI3NzU4MDYwfX0=
Accept: application/json, text/plain, */*
csrf-token: T5l8hiDZ-LwY0UsAkMg9k-pW898IzDTCYNBU
Referer: https://connect.bluestarfam.org/give/474515/

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"275-T1yCPixOp/F1sEI4Lka3PH+agco"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8MP5k35GhjqkYPO6WZmv1Uj8cBmpOt6mD%2BQF8czELU5%2Fxo0JlModaV%2BC18Xv3O0dWG3w%2BD4TFBKeu%2FKM3PAfNE%2FNzgy3B1xKGOPf6TC9InF4dkQjDUSe6UmFH6aaHRQuCVCkFBgpeH6JoungHE2pn0K2YLM8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 842f030fede6f0db-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 currency-conversions Show response
connect.bluestarfam.org/frs-api/i18n/ Frame 2340 75 B
691 B 404ms
404ms XHR
application/json 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.bluestarfam.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc79ef0ab8c22af1872f926b6d1cad511ba29ede51d7f4560abbd3600e5b9252

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: T5l8hiDZ-LwY0UsAkMg9k-pW898IzDTCYNBU
tracestate: 423787@nr=0-1-423787-363751183-84c4da3d7655cf10----1704827758123
traceparent: 00-9cbaa93a2f1bdadf3f5ff7437eeb3dd0-84c4da3d7655cf10-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4NGM0ZGEzZDc2NTVjZjEwIiwidHIiOiI5Y2JhYTkzYTJmMWJkYWRmM2Y1ZmY3NDM3ZWViM2RkMCIsInRpIjoxNzA0ODI3NzU4MTIzfX0=
Accept: application/json, text/plain, */*
csrf-token: T5l8hiDZ-LwY0UsAkMg9k-pW898IzDTCYNBU
Referer: https://connect.bluestarfam.org/give/474515/

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"4b-jrUJT0NR0LJYavBvAcRfmc1UoEo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsK2ZG11gxHkbO%2F0kd7U1U0fm1%2Fo930iEIkKH9gUsydA%2BRH5vKfvDW0431fHL6mCgyRFR9BZP4UkFsV%2BvkXFSSAC6q9aTbyV8k163xQp3Pteul7LO5v3F11ll4cSfEhylVK3krZuLjw2JeflEthy6PMTzsecNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 842f03105ec2f0db-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 plaid Show response
pay.classy.org/token/ Frame 2340 88 B
691 B 455ms
412ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=10700&currency=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://connect.bluestarfam.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 89c81fff-a792-47e8-9177-c134f2cffb78
cf-ray: 842f03109b68085c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H3 200 user-icon.png
connect.bluestarfam.org/static/global/images/ Frame 2340 4 KB
5 KB 448ms
447ms Image
image/png 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.bluestarfam.org/static/global/images/user-icon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/give/474515/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4588
last-modified: Mon, 11 Dec 2023 22:01:28 GMT
server: cloudflare
etag: "657786b8-11ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jI0ClCWG8pXqBlhvFwrFOeCHhlKNqY2v3qkhYtc1MrSsZ0Vd2oGSww%2Bt%2FO1fnd7x4ADq1MaR%2F0CzwC5Ua0%2BTyu4zAp9xH5teoCZoRnfKDq6Svc3vdoko1eCO6H8vwbg%2FhUX0WkBrCJ%2FGGX5iy0%2FfY9N3IEtqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 842f03105ee6f0db-CDG
expires: Wed, 08 Jan 2025 19:15:58 GMT

GET
H2 200 embedded-giving-logo-visa.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 2340 1 KB
899 B 35ms
34ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-visa.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 8XWEF7TS5B4WX343
age: 57805
etag: W/"b327a8825ae28019462c8c3f5b4770c0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 842f03105fda5c1a-FRA
x-amz-id-2: YQGujTrmJNwoTRDLqBl2jgatdroKnsQ6TL25BbluDbtbLdE95utIzaxg/8W8rc9vYIDNrpB5p2I=

GET
H2 200 embedded-giving-logo-amex.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 2340 1 KB
846 B 34ms
33ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-amex.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 8XW4GXFXP5HQ5X7M
age: 57324
etag: W/"0b1b4bc87aebc780d3ad6095fd447a24"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 842f03105fdc5c1a-FRA
x-amz-id-2: Mt/8xVCnywwv9Nhc9QQMMSc7psomXAmzRQgvjBhaBrmIsGAWO4UyN0HEVjhyBIGD9hYUO84qy4k=

GET
H2 200 embedded-giving-logo-discover.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 2340 3 KB
1 KB 32ms
31ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-discover.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 8XWBFVSFW1GQRRDW
age: 57324
etag: W/"d51cee8f590a54e755ac3501c1bd7342"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 842f03105fdd5c1a-FRA
x-amz-id-2: E2RQ74jT4te2E8CVUBoCrMzSuyVYQdmmcom+A5EL/tUQcACyfaxm4hl+M3oQQGtELmQe5qP9/1g=

GET
H2 200 embedded-giving-logo-mastercard.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 2340 1 KB
724 B 30ms
29ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-mastercard.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 8XWBAQ34CPRV4D86
age: 50418
etag: W/"26fb3de4519ed38ceec90bc98250ba1f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 842f03105fde5c1a-FRA
x-amz-id-2: RYTrwgY6Kiir7JSTABlZ7d49WVFhOdYFQCo80Av5ylSZTibrDCK9QP0Mwq8VOLfYFOaeeSf7WHE=

GET
H2 200 embedded-giving-shield-icon.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 2340 6 KB
2 KB 99ms
98ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-shield-icon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 8XWC62MJRJETNM24
age: 57324
etag: W/"46fd834e95514def799fa0626c78233c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 842f03105fdf5c1a-FRA
x-amz-id-2: tDtNr9AdrGfqDUVSdQM4qKNQaO0Sk3dYysKMjXGJ9wWKrZxSNB9dbWubvYRSOxIcE/NaPeEzKqE=

GET
H2 200 embedded-giving-logo-ach.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 2340 1 KB
934 B 30ms
30ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-ach.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 8XWE0T7XJ7R0FKM5
age: 51229
etag: W/"d71add3c9962a21340ec557ac0628bf7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 842f03105fe05c1a-FRA
x-amz-id-2: QgUwQHmBn+H7aLaAofBF0BiC+/8AXcpnh+6w2HUSK6/j/h6L1WtfA8osEETCLR8KUfPMDvHNiBg=

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/ Frame 2340 394 B
708 B 29ms
28ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: TFAXM3ZDKBYDQ3F4
age: 79499
cf-polished: origFmt=png, origSize=547
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: MiMuNsnj04VO/qO4xH407Jq8zfqlspjd8DLtF/o1qqxCw4xMqnT21ax2GDucbyNZBDbydTL5Pdk=
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 842f03105fe45c1a-FRA

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/fonts/ Frame 2340 42 KB
43 KB 548ms
530ms Font
application/x-font-woff 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11241468ecf36202cff1d14a70ac7a56ee69e77c7ee8d1835288eead918de205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css
Origin: https://connect.bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-amz-request-id: B3FHCFBWTME1TV7A
x-amz-server-side-encryption: AES256
content-length: 43184
x-amz-id-2: xMrBLJAtw6FQT/aT43LflJc8HH0QHKL3U9GdsndYZFqCDmXXrFoLIGEnOiEvjphiCJ8g/JkikZs=
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
etag: "e938ef9e10839a9514e49917314e13c0"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 842f03107d479208-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/fonts/ Frame 2340 65 KB
66 KB 648ms
630ms Font
binary/octet-stream 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css
Origin: https://connect.bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
x-amz-request-id: B3FWPHPCNB06Z3FQ
x-amz-server-side-encryption: AES256
content-length: 66624
x-amz-id-2: ESCt2HkFx8I91QGugK2KexWsN0Ir/LzYlpImXZMCKKlY7aq93nc7MDiWCaAqmlkmITllwbFdKp8=
last-modified: Mon, 11 Dec 2023 22:05:11 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 842f03107d489208-FRA

POST
H3 200 rum Show response
connect.bluestarfam.org/cdn-cgi/ Frame 2340 0
72 B 33ms
32ms XHR
text/plain 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.bluestarfam.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-2a9b455edb8de950----1704827758138
traceparent: 00-dde6ec203384c8a2418b6fe9c8047c10-2a9b455edb8de950-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyYTliNDU1ZWRiOGRlOTUwIiwidHIiOiJkZGU2ZWMyMDMzODRjOGEyNDE4YjZmZTljODA0N2MxMCIsInRpIjoxNzA0ODI3NzU4MTM4fX0=
content-type: application/json
Referer: https://connect.bluestarfam.org/give/474515/

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 842f03106ef9f0db-CDG
x-frame-options: DENY

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2720 526 B
472 B 7ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 2905664
x-cache: HIT
content-length: 315
x-request-id: 5b214868-62f4-4f70-a228-515b8d62912c
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 132018

GET
H2 200 controller-d1cd3e94a5430431bc215e394dc3220f.html Show response
js.stripe.com/v3/ Frame AE2E 325 B
867 B 8ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-d1cd3e94a5430431bc215e394dc3220f.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5b4a4ac4eae255f9b16c7583efbf6e6e5249e7e2096801cac67fcc75270b3fbc

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.bluestarfam.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 40
cache-control: max-age=60
content-encoding: br
content-length: 190
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 19:15:58 GMT
etag: "d1cd3e94a5430431bc215e394dc3220f"
last-modified: Mon, 08 Jan 2024 21:41:43 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 13
x-content-type-options: nosniff
x-request-id: 6d6f5201-d484-4970-a402-66863aa7d136
x-served-by: cache-fra-eddf8230066-FRA

GET
H2 200 payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html Show response
js.stripe.com/v3/ Frame FCEC 408 B
969 B 7ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a7a6aaea1b195726685eed0d0e0cd8fb1886027af4d3e9701cf7d891b51f0642

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.bluestarfam.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 77375
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 19:15:58 GMT
etag: "7b354895aef370b2d7e805a4ad26ca74"
last-modified: Mon, 08 Jan 2024 21:41:59 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 798
x-content-type-options: nosniff
x-request-id: 3b368df1-6092-431c-bb8d-9a5fe01b3ded
x-served-by: cache-fra-eddf8230066-FRA

GET
H2 200 payment-request-inner-browser-63034e857252d15af21801489465f221.html Show response
js.stripe.com/v3/ Frame 1C6F 344 B
1 KB 8ms
8ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1028283d12a9f3d8b243e5d8f46c4eaf733dc6dee0a11b4a357fa60c1e98f6dc

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.bluestarfam.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16
cache-control: max-age=60
content-encoding: br
content-length: 203
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 19:15:58 GMT
etag: "63034e857252d15af21801489465f221"
last-modified: Mon, 08 Jan 2024 21:41:59 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 2ea83cc7-b78a-4c24-ad14-4f3f81e91bc4
x-served-by: cache-fra-eddf8230066-FRA

GET
H2 200 payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html Show response
js.stripe.com/v3/ Frame 987C 408 B
301 B 7ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a7a6aaea1b195726685eed0d0e0cd8fb1886027af4d3e9701cf7d891b51f0642

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.bluestarfam.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 77375
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 19:15:58 GMT
etag: "7b354895aef370b2d7e805a4ad26ca74"
last-modified: Mon, 08 Jan 2024 21:41:59 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 799
x-content-type-options: nosniff
x-request-id: 3292adf5-6046-4263-b90f-21f315cd53d7
x-served-by: cache-fra-eddf8230066-FRA

GET
H2 200 payment-request-inner-browser-63034e857252d15af21801489465f221.html Show response
js.stripe.com/v3/ Frame 3F4D 344 B
370 B 8ms
8ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1028283d12a9f3d8b243e5d8f46c4eaf733dc6dee0a11b4a357fa60c1e98f6dc

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.bluestarfam.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16
cache-control: max-age=60
content-encoding: br
content-length: 203
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 19:15:58 GMT
etag: "63034e857252d15af21801489465f221"
last-modified: Mon, 08 Jan 2024 21:41:59 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 57cbdc3d-1e24-4c00-94c3-aea56e2193b5
x-served-by: cache-fra-eddf8230066-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame 2340 11 KB
841 B 62ms
61ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 19:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 19:15:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 19:15:58 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 2720 0
718 B 720ms
350ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758788823
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758788453
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2720 0
717 B 725ms
356ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758789035
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758788440
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-278b1da7d824b542941b4ff0dc2b7365.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AE2E 532 KB
130 KB 17ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d1cd3e94a5430431bc215e394dc3220f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b1187638280a79e65d44f0716096e729440afdf41ee33f8ad1328e6b500fd2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-d1cd3e94a5430431bc215e394dc3220f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 77599
x-cache: HIT
content-length: 132695
x-request-id: 7bc0d38b-9bd5-4fa1-954b-33e00cf42332
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Mon, 08 Jan 2024 21:41:57 GMT
server: Fastly
etag: "c5b3d0d5bf7fbf0b0e1b70ab26c07d06"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15

GET
H2 200 controller-671d49655974896bc853bead8b46169d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AE2E 690 KB
178 KB 22ms
12ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-671d49655974896bc853bead8b46169d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d1cd3e94a5430431bc215e394dc3220f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

537be3fec98011e19204c314f55d4aa3f0f4b758f0bb0af23e444046b5bb1531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-d1cd3e94a5430431bc215e394dc3220f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 77599
x-cache: HIT
content-length: 181528
x-request-id: 86f236cb-56c0-46c7-817e-4cb92a8edd1e
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Mon, 08 Jan 2024 21:41:55 GMT
server: Fastly
etag: "16598e5a80d4a03709190a9535c5b5c0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 27D2 930 B
2 KB 67ms
16ms Document
text/html 2600:9000:225b:3600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:3600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 233
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 19:12:08 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
x-amz-cf-id: JFg_8engLTr1M1qlH_L-M_rMvc_6MZra4wbTrPCwN1yLU_ly_Z9yIw==
x-amz-cf-pop: MUC50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame FCEC 120 KB
37 KB 162ms
79ms Script
application/javascript 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08556b58fc6dbd5aa2ae6465340d78309169cf9774253ad9b00ae78881f98d39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QxnyPBqhshePLltWvnPkTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-QxnyPBqhshePLltWvnPkTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 09 Jan 2024 19:15:58 GMT

GET
H2 200 shared-278b1da7d824b542941b4ff0dc2b7365.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FCEC 532 KB
130 KB 22ms
12ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b1187638280a79e65d44f0716096e729440afdf41ee33f8ad1328e6b500fd2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 77599
x-cache: HIT
content-length: 132695
x-request-id: dfe0d0d6-8458-4561-9234-92d2ffc80e34
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Mon, 08 Jan 2024 21:41:57 GMT
server: Fastly
etag: "c5b3d0d5bf7fbf0b0e1b70ab26c07d06"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18

GET
H2 200 payment-request-inner-google-pay-d432dd3294f1501fc61a2463928f5b86.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FCEC 12 KB
5 KB 7ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-d432dd3294f1501fc61a2463928f5b86.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

42fa6c755c6427833572147096b10125f7dd9f965e0bbc45763625e08f80f016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 1645094
x-cache: HIT
content-length: 5075
x-request-id: 866dd05f-178c-4327-9f2e-0dc58ca9da79
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Fastly
etag: "a535e80a392a5f530d16d7eeee51483d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3063

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 987C 120 KB
36 KB 162ms
85ms Script
application/javascript 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08556b58fc6dbd5aa2ae6465340d78309169cf9774253ad9b00ae78881f98d39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6-7hoLfEzEzu-7C6fIZu_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6-7hoLfEzEzu-7C6fIZu_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 09 Jan 2024 19:15:58 GMT

GET
H2 200 shared-278b1da7d824b542941b4ff0dc2b7365.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 987C 532 KB
130 KB 12ms
9ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b1187638280a79e65d44f0716096e729440afdf41ee33f8ad1328e6b500fd2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 77599
x-cache: HIT
content-length: 132695
x-request-id: 7d410359-7dd3-46fd-b7ba-ad0d35a93f66
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Mon, 08 Jan 2024 21:41:57 GMT
server: Fastly
etag: "c5b3d0d5bf7fbf0b0e1b70ab26c07d06"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17

GET
H2 200 payment-request-inner-google-pay-d432dd3294f1501fc61a2463928f5b86.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 987C 12 KB
5 KB 7ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-d432dd3294f1501fc61a2463928f5b86.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

42fa6c755c6427833572147096b10125f7dd9f965e0bbc45763625e08f80f016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 1645094
x-cache: HIT
content-length: 5075
x-request-id: fbc51ffa-11d9-4616-b791-960e7466eb4c
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Fastly
etag: "a535e80a392a5f530d16d7eeee51483d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3062

GET
H2 200 shared-278b1da7d824b542941b4ff0dc2b7365.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1C6F 532 KB
130 KB 14ms
13ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b1187638280a79e65d44f0716096e729440afdf41ee33f8ad1328e6b500fd2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 77599
x-cache: HIT
content-length: 132695
x-request-id: 22b097ae-e308-4e15-bbc6-7c9380416ce6
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Mon, 08 Jan 2024 21:41:57 GMT
server: Fastly
etag: "c5b3d0d5bf7fbf0b0e1b70ab26c07d06"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17

GET
H2 200 payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1C6F 13 KB
6 KB 11ms
9ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 1645094
x-cache: HIT
content-length: 5654
x-request-id: 3aa285ce-9baf-4299-a4b6-c4779b56bbfc
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Fastly
etag: "9d64070358354c97251ee8d4e282ba7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6263

GET
H2 200 shared-278b1da7d824b542941b4ff0dc2b7365.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3F4D 532 KB
130 KB 20ms
19ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b1187638280a79e65d44f0716096e729440afdf41ee33f8ad1328e6b500fd2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 77599
x-cache: HIT
content-length: 132695
x-request-id: 4b980360-0ad7-4fb4-bc14-8f6bd5b8ccb2
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Mon, 08 Jan 2024 21:41:57 GMT
server: Fastly
etag: "c5b3d0d5bf7fbf0b0e1b70ab26c07d06"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19

GET
H2 200 payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3F4D 13 KB
6 KB 20ms
20ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 1645094
x-cache: HIT
content-length: 5654
x-request-id: 57a4b686-b4db-472b-be40-af7b559de423
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Fastly
etag: "9d64070358354c97251ee8d4e282ba7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6264

POST
H2 200 csp-report
q.stripe.com/ Frame AE2E 0
717 B 706ms
352ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758788954
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758788577
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame FCEC 0
717 B 728ms
376ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758789085
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758788638
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame FCEC 0
717 B 717ms
364ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758789534
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758788800
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame 2340 88 KB
31 KB 39ms
8ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://connect.bluestarfam.org/
Origin: https://connect.bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5444244
x-cache: HIT, HIT
content-length: 30957
x-served-by: cache-lga13629-LGA, cache-fra-eddf8230054-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704827758.211839,VS0,VE0
etag: W/"28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 1, 43028

POST
H2 200 csp-report
q.stripe.com/ Frame 987C 0
717 B 726ms
375ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758788760
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758788476
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 987C 0
717 B 738ms
387ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758789744
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758789039
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1C6F 0
717 B 713ms
364ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758789752
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758789033
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1C6F 0
717 B 705ms
356ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758789353
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758789024
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3F4D 0
717 B 723ms
375ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758789372
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758788810
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3F4D 0
717 B 723ms
375ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758789264
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758788831
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/ Frame 2340 216 KB
67 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:02:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 821
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68492
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 08 Jan 2025 19:02:17 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame AE2E 474 B
615 B 27ms
11ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5082872db1612c8c93b102d9ee099e9871658d2a9648387500b2c8eee697d78d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-d1cd3e94a5430431bc215e394dc3220f.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 29
x-cache: HIT
content-length: 299
x-request-id: 0e8bb0d8-888c-492d-b42c-120d935b4eb1
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Tue, 09 Jan 2024 18:41:53 GMT
server: Fastly
etag: "3289fddb877e41e5467adb066e3bdc1d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame AE2E 474 B
370 B 19ms
12ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5082872db1612c8c93b102d9ee099e9871658d2a9648387500b2c8eee697d78d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-d1cd3e94a5430431bc215e394dc3220f.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 29
x-cache: HIT
content-length: 299
x-request-id: d0b33744-deb1-4ff8-a1b0-055cff0b2b01
x-served-by: cache-fra-eddf8230052-FRA
last-modified: Tue, 09 Jan 2024 18:41:53 GMT
server: Fastly
etag: "3289fddb877e41e5467adb066e3bdc1d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 2340 29 KB
29 KB 53ms
52ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:27:29 GMT
x-content-type-options: nosniff
age: 416909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:27:29 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 2340 29 KB
29 KB 55ms
55ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:27:29 GMT
x-content-type-options: nosniff
age: 416909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:27:29 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 27D2 0
491 B 600ms
364ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758788756
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1704827758788450
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 27D2 87 KB
14 KB 17ms
17ms Script
text/javascript 2600:9000:225b:3600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:3600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:12 GMT
content-encoding: br
via: 1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 47
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: MUC50-P1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: lgydOHydh0Ct75DFZw5M_Op3tKq3arCbwHDgZVZyWQdM0V8Bi-6EPQ==

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 2340 32 KB
32 KB 61ms
61ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:27 GMT
x-content-type-options: nosniff
age: 37651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:48:27 GMT

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 2340 32 KB
32 KB 89ms
88ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:27 GMT
x-content-type-options: nosniff
age: 37651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:48:27 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 2340 29 KB
29 KB 77ms
76ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:27:29 GMT
x-content-type-options: nosniff
age: 416909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:27:29 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 2340 29 KB
29 KB 103ms
101ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:27:29 GMT
x-content-type-options: nosniff
age: 416909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:27:29 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 2340 29 KB
29 KB 110ms
109ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.bluestarfam.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:27:29 GMT
x-content-type-options: nosniff
age: 416909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:27:29 GMT

GET
H3 200 iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js Show response
connect.bluestarfam.org/sso/ssobuild/js/ Frame 2340 12 KB
6 KB 29ms
29ms XHR
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.bluestarfam.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-b68e903fd76f0220----1704827758302
traceparent: 00-6cd4de1172d65bf9b64779bb26d45d60-b68e903fd76f0220-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiNjhlOTAzZmQ3NmYwMjIwIiwidHIiOiI2Y2Q0ZGUxMTcyZDY1YmY5YjY0Nzc5YmIyNmQ0NWQ2MCIsInRpIjoxNzA0ODI3NzU4MzAyfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://connect.bluestarfam.org/give/474515/
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34315
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 21:58:14 GMT
server: cloudflare
etag: W/"657785f6-316e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbDCCnJbm73XrqySIe5dkVjRiIB8wx4aOGfX65jDICWECHyywo4R8I7dt4dp8EaLkLe1bgW%2BnITJc9ARORNligSj1RQiLnjzYJXSAH1JRL%2B1EQ%2BWahuJER8OGfDxM%2Fhh54WmmCHeY65Abien3iqtjbs%2BjK%2FFbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 842f031169aef0db-CDG
expires: Wed, 08 Jan 2025 09:44:03 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame AE2E 0
273 B 610ms
379ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 09 Jan 2024 19:15:58 GMT
x-stripe-server-envoy-start-time-us: 1704827758789243
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1704827758789050
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame AE2E 0
273 B 609ms
379ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 09 Jan 2024 19:15:58 GMT
x-stripe-server-envoy-start-time-us: 1704827758789266
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1704827758789094
access-control-allow-credentials: true
content-length: 0

GET
H3 200 status Show response
connect.bluestarfam.org/sso/ Frame 2340 90 B
2 KB 413ms
413ms XHR
application/javascript 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.bluestarfam.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361007702327047640645_1704827758300&_=1704827758301

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1759fea085fba3205b565cc451e8dce01530936220114e86e3e5432e6c34bc54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-1d3a312f36c30860----1704827758339
traceparent: 00-c4a04c2643a124dde8701c59831f52d0-1d3a312f36c30860-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxZDNhMzEyZjM2YzMwODYwIiwidHIiOiJjNGEwNGMyNjQzYTEyNGRkZTg3MDFjNTk4MzFmNTJkMCIsInRpIjoxNzA0ODI3NzU4MzM5fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://connect.bluestarfam.org/give/474515/
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: frame-ancestors 'self' https://*.classy.org;
content-encoding: br
p3p: CP="Classy does not have a P3P policy."
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYaFATdalPMuPXxDik8rH919R2V31mg3CBmjvp1QQ9inJXiDLyUAr%2B5RnDkg2lXcwm8aAMvadzFdNETqFrVPZ1JDRXd10i%2Faqum5Q5LnIAOVwnwdchcbjYnefWwTmOK%2Fz%2BSr4nBT4BvgJKkvwPN2lm%2BAK9VnTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, private
cf-ray: 842f0311aa37f0db-CDG

POST
H2 200 6 Show response
m.stripe.com/ Frame 27D2 156 B
669 B 566ms
188ms XHR
application/json 34.210.103.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.103.90 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-103-90.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

98b66c58b6c2699da78a69396050f39cc8841fbdb19f7b750b67befc92be3aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758817485
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1704827758817203
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 848E 19 KB
8 KB 85ms
84ms Document
text/html 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb5e08528d42d5fda4a6ae6049d0e4766e6fa77eb22aea76b22776454cf0a8d7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2HdUyeBLxEluyNWCQurnNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2HdUyeBLxEluyNWCQurnNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 09 Jan 2024 19:15:58 GMT
expires: Tue, 09 Jan 2024 19:15:58 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame AE2E 2 KB
3 KB 339ms
271ms Fetch
application/json 198.202.176.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

083d58041138e8353f5b527eb4842df29cbdb78bc96274049ca5518275bb12c8

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2469
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 033D 19 KB
8 KB 91ms
90ms Document
text/html 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5eca4878c61c87ffb61ab4cc96dc755eb2678522df384f83060fea2961184e6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-elLZyNpj6gRILyyp6PVsTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-elLZyNpj6gRILyyp6PVsTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 09 Jan 2024 19:15:58 GMT
expires: Tue, 09 Jan 2024 19:15:58 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 b Show response
r.stripe.com/ Frame AE2E 0
273 B 667ms
530ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 09 Jan 2024 19:15:58 GMT
x-stripe-server-envoy-start-time-us: 1704827758963364
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1704827758962824
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 848E 159 KB
57 KB 162ms
52ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjjFsBSDezsfT9cSV3p9OFwzOUaaA/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

519ee3b259409d71a9914a5dd61d39f6756aba2a2977aa14b0164a66bd83bbd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57393
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 07:00:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:53:21 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 848E 2 KB
2 KB 133ms
133ms Other
text/html 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: bluestarfam.org
URL: https://bluestarfam.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 033D 159 KB
56 KB 204ms
112ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

519ee3b259409d71a9914a5dd61d39f6756aba2a2977aa14b0164a66bd83bbd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57393
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 07:00:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:53:21 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 033D 2 KB
2 KB 152ms
152ms Other
text/html 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: bluestarfam.org
URL: https://bluestarfam.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html Show response
js.stripe.com/v3/ Frame F5B9 408 B
1 KB 7ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a7a6aaea1b195726685eed0d0e0cd8fb1886027af4d3e9701cf7d891b51f0642

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.bluestarfam.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 77375
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 19:15:58 GMT
etag: "7b354895aef370b2d7e805a4ad26ca74"
last-modified: Mon, 08 Jan 2024 21:41:59 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 800
x-content-type-options: nosniff
x-request-id: cdef5dd8-022b-44d2-a0ac-5917e9f9d698
x-served-by: cache-fra-eddf8230066-FRA

GET
H2 200 payment-request-inner-browser-63034e857252d15af21801489465f221.html Show response
js.stripe.com/v3/ Frame 4B5E 344 B
1 KB 7ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1028283d12a9f3d8b243e5d8f46c4eaf733dc6dee0a11b4a357fa60c1e98f6dc

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.bluestarfam.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16
cache-control: max-age=60
content-encoding: br
content-length: 203
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 19:15:58 GMT
etag: "63034e857252d15af21801489465f221"
last-modified: Mon, 08 Jan 2024 21:41:59 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: cf6a48db-40aa-4604-97c5-507473426a21
x-served-by: cache-fra-eddf8230066-FRA

POST
H2 200 b Show response
r.stripe.com/ Frame AE2E 0
273 B 379ms
379ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 09 Jan 2024 19:15:58 GMT
x-stripe-server-envoy-start-time-us: 1704827758789217
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1704827758788997
access-control-allow-credentials: true
content-length: 0

GET
H3 200 pay.js Show response
pay.google.com/gp/p/js/ Frame F5B9 120 KB
35 KB 81ms
80ms Script
application/javascript 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08556b58fc6dbd5aa2ae6465340d78309169cf9774253ad9b00ae78881f98d39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mFNBF83BqeTw6i0vCYQnwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mFNBF83BqeTw6i0vCYQnwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 09 Jan 2024 19:15:58 GMT

GET
H2 200 shared-278b1da7d824b542941b4ff0dc2b7365.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F5B9 532 KB
130 KB 7ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b1187638280a79e65d44f0716096e729440afdf41ee33f8ad1328e6b500fd2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 77600
x-cache: HIT
content-length: 132695
x-request-id: 8ccbbdba-60bb-4fb9-8710-96e2064d4912
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Mon, 08 Jan 2024 21:41:57 GMT
server: Fastly
etag: "c5b3d0d5bf7fbf0b0e1b70ab26c07d06"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20

GET
H2 200 payment-request-inner-google-pay-d432dd3294f1501fc61a2463928f5b86.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F5B9 12 KB
5 KB 6ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-d432dd3294f1501fc61a2463928f5b86.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

42fa6c755c6427833572147096b10125f7dd9f965e0bbc45763625e08f80f016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7b354895aef370b2d7e805a4ad26ca74.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 1645094
x-cache: HIT
content-length: 5075
x-request-id: aa168929-d640-45d7-872a-b47d7d7418b6
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Fastly
etag: "a535e80a392a5f530d16d7eeee51483d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3064

POST
H2 200 csp-report
q.stripe.com/ Frame F5B9 0
717 B 517ms
517ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758963292
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758962920
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F5B9 0
717 B 511ms
511ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758963291
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758962949
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-278b1da7d824b542941b4ff0dc2b7365.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4B5E 532 KB
130 KB 9ms
9ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b1187638280a79e65d44f0716096e729440afdf41ee33f8ad1328e6b500fd2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 77600
x-cache: HIT
content-length: 132695
x-request-id: fd840a55-694f-496f-a1aa-5080b19412e6
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Mon, 08 Jan 2024 21:41:57 GMT
server: Fastly
etag: "c5b3d0d5bf7fbf0b0e1b70ab26c07d06"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 21

GET
H2 200 payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4B5E 13 KB
6 KB 8ms
8ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-63034e857252d15af21801489465f221.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 19:15:58 GMT
via: 1.1 varnish
age: 1645094
x-cache: HIT
content-length: 5654
x-request-id: 02c3fbfc-4ec2-4a32-b445-ff95e7f3940f
x-served-by: cache-fra-eddf8230066-FRA
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Fastly
etag: "9d64070358354c97251ee8d4e282ba7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6265

POST
H2 200 csp-report
q.stripe.com/ Frame 4B5E 0
717 B 512ms
511ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758963591
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758963174
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4B5E 0
717 B 515ms
515ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bluestarfam.org
URL: https://bluestarfam.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827758963350
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704827758963108
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 7D73 19 KB
8 KB 81ms
80ms Document
text/html 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c458cdaf70365a118d1fc1beb4b093df8c81e841e441d46e5f2dba9be522343c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--8xhHgrsJnOoNcSHVewJZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--8xhHgrsJnOoNcSHVewJZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 09 Jan 2024 19:15:58 GMT
expires: Tue, 09 Jan 2024 19:15:58 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 7D73 159 KB
56 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

519ee3b259409d71a9914a5dd61d39f6756aba2a2977aa14b0164a66bd83bbd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57393
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 07:00:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:53:21 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 7D73 2 KB
2 KB 133ms
133ms Other
text/html 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: bluestarfam.org
URL: https://bluestarfam.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 848E 74 KB
27 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfritDA8ty8Ek9Ax5c05UTEvW0fCPsw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjjFsBSDezsfT9cSV3p9OFwzOUaaA/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b68080367ed5db875186c8efdf561a4cf587ea2e26b63d167babb309aeab0ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27481
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:57:06 GMT

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 033D 74 KB
27 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b68080367ed5db875186c8efdf561a4cf587ea2e26b63d167babb309aeab0ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27481
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:57:06 GMT

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 7D73 74 KB
27 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b68080367ed5db875186c8efdf561a4cf587ea2e26b63d167babb309aeab0ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27481
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:57:06 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 848E 1 MB
376 KB 87ms
87ms XHR
text/html 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d756532f036785e66b53accca023b741ccbb9304593d1b5f0f80db038303bdd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R-sJopSzDcDhbeRtCgF24A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-R-sJopSzDcDhbeRtCgF24A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 09 Jan 2024 19:15:58 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 848E 9 KB
4 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfritDA8ty8Ek9Ax5c05UTEvW0fCPsw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5725c5afd372ccc669b5c19e6ac4a9927d7941bc33c4c751557183101f7a69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3742
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:45:42 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 848E 37 KB
14 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfritDA8ty8Ek9Ax5c05UTEvW0fCPsw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7cc492844a396cb38e5c022ae1793528632a673ebee2739e6b9999c6f127bd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 18:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14293
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 18:06:25 GMT

POST
H3 200 log Show response
play.google.com/ Frame 848E 131 B
156 B 204ms
101ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 179ms
67ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:58 GMT
expires: Tue, 09 Jan 2024 19:15:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 177ms
66ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:58 GMT
expires: Tue, 09 Jan 2024 19:15:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 848E 131 B
156 B 205ms
102ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 179ms
69ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:58 GMT
expires: Tue, 09 Jan 2024 19:15:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 848E 131 B
156 B 202ms
100ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 227ms
118ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:59 GMT
expires: Tue, 09 Jan 2024 19:15:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 848E 131 B
156 B 131ms
79ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 220ms
111ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:59 GMT
expires: Tue, 09 Jan 2024 19:15:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 848E 131 B
156 B 158ms
100ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 033D 1 MB
377 KB 92ms
92ms XHR
text/html 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e2f593f9c1cb3865b5c785b651e31d15b83f11c2a62facec1e7b131c780d13a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-CC4ZYDwbf-PW60tWqwK4_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-CC4ZYDwbf-PW60tWqwK4_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 09 Jan 2024 19:15:58 GMT

POST
H3 200 log Show response
play.google.com/ Frame 848E 131 B
156 B 156ms
97ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 210ms
110ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:59 GMT
expires: Tue, 09 Jan 2024 19:15:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 b Show response
r.stripe.com/ Frame AE2E 0
273 B 204ms
204ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 09 Jan 2024 19:15:58 GMT
x-stripe-server-envoy-start-time-us: 1704827758963684
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1704827758963220
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 033D 9 KB
4 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfritDA8ty8Ek9Ax5c05UTEvW0fCPsw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5725c5afd372ccc669b5c19e6ac4a9927d7941bc33c4c751557183101f7a69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3742
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:45:42 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 033D 37 KB
14 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfritDA8ty8Ek9Ax5c05UTEvW0fCPsw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7cc492844a396cb38e5c022ae1793528632a673ebee2739e6b9999c6f127bd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 18:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14293
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 18:06:25 GMT

POST
H3 200 log Show response
play.google.com/ Frame 033D 131 B
156 B 154ms
96ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 206ms
111ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:59 GMT
expires: Tue, 09 Jan 2024 19:15:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 033D 131 B
156 B 156ms
97ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 205ms
111ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:59 GMT
expires: Tue, 09 Jan 2024 19:15:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 033D 131 B
156 B 155ms
95ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 203ms
109ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:59 GMT
expires: Tue, 09 Jan 2024 19:15:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 033D 131 B
156 B 153ms
94ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 203ms
110ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:59 GMT
expires: Tue, 09 Jan 2024 19:15:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 033D 131 B
156 B 197ms
95ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 161ms
68ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:58 GMT
expires: Tue, 09 Jan 2024 19:15:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 GooglePay-logo.svg
connect.bluestarfam.org/static/global/images/digitalWallets/ Frame 2340 3 KB
2 KB 470ms
470ms Image
image/svg+xml 2606:4700:3037::ac43:d4c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.bluestarfam.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:d4c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.bluestarfam.org/give/474515/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Dec 2023 22:01:28 GMT
server: cloudflare
etag: W/"657786b8-b41"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mS5kOJWM%2F4yvNVNi9lleHlQxy79HmsBQvpypMDhFy3ziLpwMEIHClNtWPFg6TrPdbHo%2B0Q6JRzhW3ZR1gs00vXuDBYidNLYHXkGpLm%2Fu%2B01RQrmqSzOa%2BXmkSh9aVzAEBi9aH%2Fa5dP44yrSDBT99x44onzxc9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 842f03150b45f0db-CDG
expires: Wed, 08 Jan 2025 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 198ms
111ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:59 GMT
expires: Tue, 09 Jan 2024 19:15:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 033D 131 B
156 B 157ms
99ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame AE2E 0
273 B 192ms
192ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 09 Jan 2024 19:15:58 GMT
x-stripe-server-envoy-start-time-us: 1704827758963406
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1704827758963228
access-control-allow-credentials: true
content-length: 0

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 7D73 1 MB
377 KB 95ms
94ms XHR
text/html 2a00:1450:4013:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c02::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7bd122a57d61db1b2e77d9b1021a9bacdd45a249823b0045804074273d7d770e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-DWbYWBCV6yyn_BcPBdgmPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:15:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-DWbYWBCV6yyn_BcPBdgmPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 09 Jan 2024 19:15:58 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 7D73 9 KB
4 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfritDA8ty8Ek9Ax5c05UTEvW0fCPsw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5725c5afd372ccc669b5c19e6ac4a9927d7941bc33c4c751557183101f7a69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3742
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:45:42 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 7D73 37 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.FTz1Crelb6Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfritDA8ty8Ek9Ax5c05UTEvW0fCPsw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7cc492844a396cb38e5c022ae1793528632a673ebee2739e6b9999c6f127bd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 18:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14293
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Jan 2025 18:06:25 GMT

POST
H3 200 log Show response
play.google.com/ Frame 7D73 131 B
156 B 192ms
98ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 145ms
77ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:59 GMT
expires: Tue, 09 Jan 2024 19:15:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 7D73 131 B
156 B 182ms
80ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 135ms
68ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:58 GMT
expires: Tue, 09 Jan 2024 19:15:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 7D73 131 B
156 B 203ms
102ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 135ms
68ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:58 GMT
expires: Tue, 09 Jan 2024 19:15:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 7D73 131 B
156 B 158ms
99ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 176ms
110ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:59 GMT
expires: Tue, 09 Jan 2024 19:15:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 7D73 131 B
156 B 159ms
99ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 175ms
109ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:59 GMT
expires: Tue, 09 Jan 2024 19:15:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 7D73 131 B
156 B 198ms
96ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 19:15:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 19:15:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 134ms
69ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 Jan 2024 19:15:58 GMT
expires: Tue, 09 Jan 2024 19:15:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 27D2 156 B
668 B 191ms
191ms XHR
application/json 34.210.103.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.103.90 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-103-90.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

98b66c58b6c2699da78a69396050f39cc8841fbdb19f7b750b67befc92be3aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 09 Jan 2024 19:15:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827759012033
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 5
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1704827759011430
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 27D2 156 B
668 B 236ms
236ms XHR
application/json 34.210.103.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.103.90 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-103-90.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

98b66c58b6c2699da78a69396050f39cc8841fbdb19f7b750b67befc92be3aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 09 Jan 2024 19:15:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704827759060606
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1704827759060179
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 b Show response
r.stripe.com/ Frame AE2E 0
273 B 181ms
181ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 09 Jan 2024 19:15:59 GMT
x-stripe-server-envoy-start-time-us: 1704827759395240
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1704827759394464
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame AE2E 0
273 B 180ms
179ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-278b1da7d824b542941b4ff0dc2b7365.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 09 Jan 2024 19:15:59 GMT
x-stripe-server-envoy-start-time-us: 1704827759964228
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1704827759964028
access-control-allow-credentials: true
content-length: 0

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
widgets.guidestar.org/	1970-01-20 17:43:52	Name: AWSALBCORS Value: ksAnaqPdI52gHhFQjlgjyG1U6k0QiMtJoBQ1c6RC/T1jIsp9PjzlKsGTpSMHGKLgC0s5LtmmG48ZMlgjYbAjmPIEcI7FTd/WANWt0VJ3/qwHQYFCOkYtS1iZuMSc
bluestarfam.org/	1970-01-20 17:33:49	Name: _sp_ses.2a84 Value: *
bluestarfam.org/	1970-01-21 03:09:47	Name: _sp_id.2a84 Value: e938b586767b17a6.1704827754.1.1704827754.1704827754.4234da08-13db-444b-9949-aa6c414666d1
.bluestarfam.org/	1970-01-20 19:43:23	Name: _gcl_au Value: 1.1.1383797309.1704827754
.bluestarfam.org/	1970-01-21 03:09:47	Name: _ga_2EZGDJEX25 Value: GS1.1.1704827754.1.0.1704827754.60.0.0
.bluestarfam.org/	1970-01-21 03:09:47	Name: _ga Value: GA1.2.288225348.1704827755
.bluestarfam.org/	1970-01-20 17:35:14	Name: _gid Value: GA1.2.1007818767.1704827755
.bluestarfam.org/	1970-01-20 17:33:47	Name: _gat_UA-10818124-1 Value: 1
bluestarfam.org/	1970-01-20 17:34:09	Name: isNew Value: true
bluestarfam.org/	1970-01-20 17:35:14	Name: hasVisited Value: true
.bluestarfam.org/	1970-01-21 03:01:45	Name: _hp2_id.1608587594 Value: %7B%22userId%22%3A%223869286068025083%22%2C%22pageviewId%22%3A%224227323475017413%22%2C%22sessionId%22%3A%227240878032041607%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.classy.org/	1970-01-20 17:33:49	Name: __cf_bm Value: 3g0D2JW4sdPYbbCjXalPo3a_V5q3RwhpJv0TQZeEc5w-1704827755-1-AWpN34ezi8mXE2n1jz/XvZwN2hoVoMteNJek0C+OARz/+jFvJVRKP3gbKRlyISX6S790tz521cX3jSJ14tCTAtI=
.classy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: Ddv0AMc4fmUM8kFZnWq3WbFlLoCK5Jil8m0vGFO_O1o-1704827755585-0-604800000
.bluestarfam.org/	1970-01-20 17:33:49	Name: _hp2_ses_props.1608587594 Value: %7B%22ts%22%3A1704827755558%2C%22d%22%3A%22bluestarfam.org%22%2C%22h%22%3A%22%2F%22%7D
.doubleclick.net/	1970-01-21 02:55:23	Name: IDE Value: AHWqTUngT6pHFicG0CBrbHPbTe6wX29dYo6BJDjbcH1Lmdh4p9QHCCUewlv_CH3n
connect.bluestarfam.org/	1970-01-21 03:09:47	Name: connect.sid Value: s%3Ak6uCpk5n7ZmEOM6FP8cZpBcU7Gs1QnKm.Q2kI9J57Shppaidts1NFmaWQzvsJJaG488DxZKfyrG4
.bluestarfam.org/	1969-12-31 23:59:59	Name: __cfruid Value: ae1b98240a281eead3461c232292f55c063d5f91-1704827756
.bluestarfam.org/	1969-12-31 23:59:59	Name: _cfuvid Value: Hnq56m43P5CIbLBMIrC6yG_2pMEtT5.2qkcvzrd7iMQ-1704827756790-0-604800000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 6CcjdNXjds8
.youtube.com/	1970-01-20 21:52:59	Name: VISITOR_INFO1_LIVE Value: GqheeWSFSMw
connect.bluestarfam.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: J0taNOdQ-TawsOC2XtfTmmQ7mM4peF3yokVk
connect.bluestarfam.org/	1970-01-20 17:33:48	Name: XSRF-TOKEN Value: eyJpdiI6IjIwL2pybEZYOGhPSDhhNHUxdjdlUEE9PSIsInZhbHVlIjoidHlLcENFajdUa2s3ZFJNczZMZ2d5bks4dy9RL3ZJWlBwNGRsVmlBdE9qQnlScWp0VHhVcDgxcW9nNzNTUmRCWFU5TFBjNGcwbHlIdGJQZGZsUENwRUJ3b1NlakFnTDl1NkRaU0ZZZjc5cXRNL3FhN1J5ODdIdGJ0ek5qQTBINlYiLCJtYWMiOiJmOTMxMWI5MWVjOGFjZTNlODdmNGM3MDkwMTJkOGVhZjYxNDI0OGFjMjk0NThkNDMyOGY1MjhjNjdlM2Y4ZDhlIiwidGFnIjoiIn0%3D
connect.bluestarfam.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6IkRjbVMrU3pMdG4wb0I3ekRPM0Y0THc9PSIsInZhbHVlIjoiRTE4UjhVVkJqeTlhUUNpVGsrUUhGM01YTWh2Z3pwZG16RFNFZ3JmRklaMHdxdFFHWEhwVFl5WlkyL3pNaHBvRk9nUCs4dmJzNTdwUmZjcW5IeFJRMU9XeVhlUjVxa2dXcXQvcDdWMEtDUDlHNVVvSGtTMmtDWmdpOWk2WjF1QysiLCJtYWMiOiI0ZjllZTA5ZTk1YmMxYzZjNjI4NDdhZjg4MDgwZWIxZWY0ZTUxMmY2ZGM4Mzk3Nzg3NmFiMTQ3MGM1MDYzOTkxIiwidGFnIjoiIn0%3D
m.stripe.com/	1970-01-21 03:09:47	Name: m Value: 2f88e642-7b09-485e-857d-e2cc73a115fc7cccaf
.connect.bluestarfam.org/	1970-01-21 02:19:23	Name: __stripe_mid Value: f451096a-459a-4682-a3f2-cfaa4c063b78393fbd
.connect.bluestarfam.org/	1970-01-20 17:33:49	Name: __stripe_sid Value: 5394e957-2394-41a7-a885-2c88d0f9ecce4ae5d1
.google.com/	1970-01-20 21:57:18	Name: NID Value: 511=iadavK7k8W1_u1eo-06ciQF3_bLOZcye57GoROUP1cHsPwDnKryqtO_DQqBc1safceKxjbrffQwpC9EfJsvqh2d5owGL60lJH16F9WuoQrqJAAZMXc3ACdmMos6TUq2xOAs3kktp1xiK76BrYpK18UDAZx0hHQkznAepGMNrS20

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://sdk.classy.org/embedded-giving.js Message: Allow attribute will take precedence over 'allowpaymentrequest'.
network	error	URL: https://files.doublethedonation.com/fontello/css/fontello.css Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.chatfast.io
bluestarfam.org
bsf.informz.net
cdn.heapanalytics.com
cdn.informz.net
cdn.mouseflow.com
cdn.plaid.com
cdn.transcend.io
chatfast.io
code.jquery.com
connect.bluestarfam.org
files.doublethedonation.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
heapanalytics.com
htp.tokenex.com
insight.adsrvr.org
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
p.typekit.net
pay.classy.org
pay.google.com
play.google.com
pro.fontawesome.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
r.wdfl.co
region1.analytics.google.com
sdk.classy.org
static.cloudflareinsights.com
stats.g.doubleclick.net
unpkg.com
use.typekit.net
websites.cdn.getfeedback.com
widgets.guidestar.org
www.chatfast.io
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
107.23.86.50
108.138.36.51
151.101.192.176
172.217.18.98
172.67.23.169
18.173.154.101
18.209.122.234
198.202.176.81
2001:4860:4802:34::36
2600:9000:225b:3600:19:7d10:bd80:93a1
2600:9000:26da:7e00:2:8531:afc0:93a1
2600:9000:26db:5800:1b:348c:b140:93a1
2600:9000:26db:7600:4:397a:df80:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:3036::6815:5b4f
2606:4700:3037::ac43:d4c4
2606:4700:4400::ac40:93bc
2606:4700::6810:3965
2606:4700::6810:7eaf
2606:4700::6812:1b32
2606:4700::6812:7c49
2606:4700::6812:c55f
2a00:1450:4001:800::200e
2a00:1450:4001:803::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c0b::9b
2a00:1450:4013:c02::5c
2a02:26f0:3500:16::215:1486
2a02:26f0:3500:16::215:1495
2a04:4e42:400::432
2a04:4e42::649
34.210.103.90
52.143.247.24
52.223.40.198
54.186.23.98
67.205.187.203
76.76.21.142
76.76.21.21
026dbd44a07da53babe9cd35ef4a4e95b0e687c0e2075f6141b22634ee5f29ac
0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7
03e2b66b65bc9b8f81b39e116ff072e6ed881167e5b422327e0c19bd2092f83b
07011c0eb448b2974517b5543e07a25ad4c65faeeaa74ddb6655bb74ef7e98e8
079ee7537f45a9d5581f2ad144c3d6205875a7ae46a2056fb7dc676ba4013a67
083d58041138e8353f5b527eb4842df29cbdb78bc96274049ca5518275bb12c8
08556b58fc6dbd5aa2ae6465340d78309169cf9774253ad9b00ae78881f98d39
0c0371cb133ff8944f921228ca2a127ea66a220bc3caa7cbea09f81a5af36a7f
0e3f6d684bc0bfb692c53c3cb8ee62abfad2879fe3c0efd72de864d21e914187
1028283d12a9f3d8b243e5d8f46c4eaf733dc6dee0a11b4a357fa60c1e98f6dc
11241468ecf36202cff1d14a70ac7a56ee69e77c7ee8d1835288eead918de205
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
13b25bb108f8024f644b2ed5dbc9a7abd6e95ee689e10910e91da0d654583383
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
1727744eeded036f36fd15abfc4d5f253991caf0a29f357d1398922cd6feda1b
1759fea085fba3205b565cc451e8dce01530936220114e86e3e5432e6c34bc54
195d4f9cff3526d6b48baf91b62185f21be61c9bd0fdd4b17bb19165724735e1
1a9bd3c697279bf78c0ffadde4e5cb673182cf45fc24a6abd71e3575a04a5f0d
1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a
1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2
1e0769cbbff1b7496c31bb5c4fdae005d8f00f41fd0eca236989254e1db702bc
1e4307ac8b8c4d489c755729b6b1914a876f8693590e802b43ee4ac91b9aa354
1ee5a876f4eca8fafd9d5903458c7526a6cc40e020e12d0421b4d8c227a98f51
2187f72b8b1e37450b2135c7c440aaa27177245f39e0c7c1c55b978190159a61
2310dbb01451322b06f99c576bc3792cb0a840cd106cc8132d57177a6715fde4
23cd82040a2b3d27b2d3dc221cf3a249c40f6b134b22a1ada4e6cc9dba526115
24461e8609af6616b65acb3145728531e2470e8f3fef3373f8764cee4ff3d500
25091b162ee2b14bd391b9a4859befc19217d031178cb0d70c23c37a198537a4
27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb
279d0583e24f3b6f8cf77f2f38b460f7f196f8e6fd49793d6e1794462cf9891d
27b44a4aab7949c3eb93328c4b7e94aec9375059cfa26277099ea65b5fc6494c
2873523ef067691dff910b96ab65cffa8c0ebfeb68275c89256f0154a7eb0d4d
29c2c473a58e0e8619f3e8c95bafd60abe0bde7dd67d23d731af24f348675775
29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c
2bea2ce3dca226a4838e4af71141ff1812ac03a033c903d994b66c96acac0a19
2f5820372f57efa4c8e03770baca675ee59ba259fa417e5d9d033cde673c8252
2ff5670c3090f70ad0db9e0a0149d56febe0d00dfb135e82fa6a904b94ee205e
3073bd17061938f0b03a1cda1ed31d8e0f4ac3c5003ad3b38d9c7e2e837eb81c
33a61de875ae2f9d173fb55f48e20aae59d95f2e8accebe0950b67289a24dfb8
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3627f68f6c26f51208590c177f7d866a7ef8a8bb72f35a8773adf0333e1ba634
38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458
39c658ef377f9ec31442c5343a15bdfc4c4653bcca74bc7d6fe4b3e736a60aa4
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41be528bffc12cc0c4ff46c1227e0f2165752c63787b7735276053c741082563
41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4
42fa6c755c6427833572147096b10125f7dd9f965e0bbc45763625e08f80f016
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
46a4599168205b5be314b18585d1953059f428974a6113a8032ea42842f0219c
47a9c67bdaedd2f2a4bfeb17707a7e93c3681fc2bbc955ebf0b1b4db22163cbc
4ab20823cb9ad461c90829c891f440cdbec2d195cb6502fe026e8bcdba526056
4b17de2135b9ff378fa39d6d53f6fb96c8eb24ad46d524300cc30509fe02714e
4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13
4de24a64d0ffeef0f666281a629bb4e220f53068107d076f3c364d810cfb3396
4f15a3adf9a5ce932a9451a3cfd12899cacb1404e0dce9d045463c396c87ca6b
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5082872db1612c8c93b102d9ee099e9871658d2a9648387500b2c8eee697d78d
519ee3b259409d71a9914a5dd61d39f6756aba2a2977aa14b0164a66bd83bbd6
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
534ecb7e84cbd36918c179af2d074fa62a121f425e605c4a4eb9a8ffd898b12a
53633f3468c005d89a6cf7012e549fc545dda158f75263bd882f303fd8a60fdc
537be3fec98011e19204c314f55d4aa3f0f4b758f0bb0af23e444046b5bb1531
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
55edee847711b85e1696cb3314c5310acae748344a4e58a2e70c28560ed4fa88
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
582ed2a17ad982cabe1409e2f0ae4ed41c2a4dafcae2eda420932c50f271501f
5a3ed9e417a102c92f939a0474f4dba6a81283770bb15c7fde89cb83a6f70206
5a9d01a33b132103cd816305a0ee3ce558f2c546973fc7368ae402dbea1da502
5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a
5af5133459a08aaab60f1340c731b242ee78b77d9143f76c47101c04dc900d48
5b4a4ac4eae255f9b16c7583efbf6e6e5249e7e2096801cac67fcc75270b3fbc
5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb
603c8f6f8eb1e51288aaa8df46697972e22d428f569b94b98c31777a03fb7919
60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5
6096cc3962efcd83d5ef5a0fd01a5f6ed0903566b03d86a1f27cc346a149e6a3
611751965611cb1489f3186e37a3eef0213aace33936c6742b3efdc488539971
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6157a7930e0b61cc770e870221c1c76d482ed12252efd952fd9d084a491d7ad6
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
65727f531ab4e2a2e338d103458089c7744f7470289340986b5a32ef2be3d57f
65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf
65b7d8a89967cb9c8b9e5f2f805a7f4129dcbcffa72d7e49425fea99bc783bd8
6617c247627e109a4a73871a3894d9f14dda01a61774d96c4abd2cf979e755b9
66f60afb2dcbdb8e5871e273a1ed205e0ebfff54749be56134d08ec509140c6a
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6b9de8ae9711379e233c08e222a91d5e4f4a84d7d878758a5bd34e23434f4b80
6d2ebd4af7fdb6892244661b474f342d5d9771bf2a304e219e4e927ee01bfc75
6d2f00480ba62a516b204cc50b4ce12e863467ec26dc8d4089f6e7c62c7c2c29
6d756532f036785e66b53accca023b741ccbb9304593d1b5f0f80db038303bdd
6db1366dccdd6c074dcda0deb63c6bf6b516043024fd314ec70d83b07542b301
712734c04ca7888e85175a955b2cef0e0bd48a7abd4f385b3429ef8121999459
73af752a0ea79af64f093061131ead3baeee56b566fe29e8ab2bf875475de3ef
73b665b2c762862e4ef482b93360911123aa9f7915cd4d4047c1a8bec173a8f1
7494a6bc64d75edf135b63d99de9759261f68a1b9ba0aff8a0439b9f08f34128
76164d9d399c8baca4656cd791982fdbd043413f39cf1a56c2d36c12ceb0b7b2
765c31ecd80738fad319963657f2fd15f0e5164cfb76dd8e302258dad0365299
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
7bd122a57d61db1b2e77d9b1021a9bacdd45a249823b0045804074273d7d770e
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b
8029ee9017cac4ffeb3c57d4a394a929759ccf0cd8ed5df0d79d4629a814a605
81f7672079b3bf3df4cb44dff16d384a7fbd7fd61439d3446541959aeb2444ec
8293ca7c1f9d0b8655a80e98cbb26f03642db1522bf660cd179796e318b9ec90
83719abe9b32c796c11d4968a2ff27abba69dc2a828e00f47da0a9575de39702
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856b6c9d5ee86760fd35d21ad2e70279dd9c637a4196ea870cfc904cae7a8d50
85d66775a49c9ba1f119c496b82b6751685757af939a5e6962f18af2c660c51e
863de28b952f5a94fc1c43207c6ac046cf1dc13a2d78fc9bafbc61236da6c390
86a3beb137a396f9d6b8fea0c776ca3d1eb16bf6319182d1ff1b57a0ea6d5779
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37
89b2462070a1a639c693794bc1d8d9131e6eb9274fc7fb0fb854943e58940a22
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
8bb67e76c593968c1397d0bf91ba43f1438350d7e79f790f9324937e4d2e97ec
8ca59ea276635e06f4153a8979c26329c234dcc44673066902f6971ecdefc758
8d4d29042c23b5fcbed3af690421776de0f8ad3d308d66e24a9d80bcc8ccb522
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e23f8023485c7cd75bfab4571211d8853189f20d5fd45a520b123961b5bfcac
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
9079c5c6b56e4e2ddd93a812ab5cf6233d9a9a3f9c4570fc51845d19fa9acf59
90902d6519b4893fb55f9be1a6552d291b8d14f455c528b5848c017ae91014d0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92885f5b3f6b31cc4301f5c96d1d84fc62de274a6907bf44f22e986b1610e38a
9372086e8ee3f75f9f1bf7d90e1e0fbe3b47fa4ea80e52cb079a651db31919c9
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9669a10126dc3af0dfb585a7d1f1359638262289968aa7c202ad70de3371f073
979178f38ca5267225638fca677c3171f994aa0f5341996949a6712257c98c39
980a5304c237fe64466f0c16d62a80412a53b5249c3a8b93407949c80af4fcfc
9862db80a9849617c4f83bd7006d79a6e9b395710a489c1d49d08fb68fc0b9d6
98b66c58b6c2699da78a69396050f39cc8841fbdb19f7b750b67befc92be3aed
9c035d8b5700deffd13fd18f59689985addc3658edcc0c439dca7e0352cb993e
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35
9d7055ec6af6954d2df80c0ab274b4e4362dcd9f35a184d74ba923ecb0501df3
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9e2f593f9c1cb3865b5c785b651e31d15b83f11c2a62facec1e7b131c780d13a
9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90
a11f1cd0494de7c684308829e164f5bf987a65d074b23635148be60bd88794f3
a29a3585f15421c271aa8e5598ff19e560acf8c9b659725b93b86124426bd582
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a64e1f121af32758e42db99e4f4267368684e6c87c7637635889e7e459801f2b
a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f
a7a6aaea1b195726685eed0d0e0cd8fb1886027af4d3e9701cf7d891b51f0642
a7cc492844a396cb38e5c022ae1793528632a673ebee2739e6b9999c6f127bd9
aaf08be6ae4ed211293a6d4280e2d052e1f332eb0066a0dc0192fd8a3a9f39d2
abf40a47d6572e713c729378c05e02bc3c6c8237ab01327698630fe217dbbed9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af46a2c0b29a77c87727f1dcf8534fd497865fe781f8e39b376a722342a82540
b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293
b1187638280a79e65d44f0716096e729440afdf41ee33f8ad1328e6b500fd2a1
b3619d8cd82c030216d1b27ad22d1fb791d2dfc471efbb9cdb25b7818a5c8e08
b3831aabe664a6d2c2ee8e80ffdd164e253973907776df96368eca49385f56d9
b4817e3bea7a4cb0dd3f59d0b49705e3e9b00665b7b8b01e77b3973ca2c58139
b49682f0aa0b3a8c25109377d085c414c1bbba13eefb95d1dee843436d4d31e2
b68080367ed5db875186c8efdf561a4cf587ea2e26b63d167babb309aeab0ff6
b698d7d63c8c236cda0499131978654fa884f24df6755f7b6909e5d784e096db
b9318367c1965609f970e3a7de1d648dea4348c68f5e8f5a2aa878bd4ede5acf
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
ba8c417fe459503ef3df40c94fd5a9f2603aa7762dfdd731b8f52e683934b62c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc6141baf0bde0e41c12e9311f5a97c158a7cb99f923afeb67d13abeaacb652b
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440
bd2b25c0b557759fdf017179965ea5c04d09ae95cd531dd5e4c1d94739001d49
bdb41bcfe02eb7205c13e008c8030984c1d59dc65f1653ce4332eb30c9296410
c0bac4713d19aedd24d4c88ff6416f4949f48c6102939f4a5bffcb610f7a7719
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2edd56f3e38418f4a39abe669da43e9a49ed0b142a2cd3155c599f9aac8ee56
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c458cdaf70365a118d1fc1beb4b093df8c81e841e441d46e5f2dba9be522343c
c9a3e2e16ea172c17e3c87a739250d3a9a3fbf7b131bfce5370a4efa45866b69
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb5e08528d42d5fda4a6ae6049d0e4766e6fa77eb22aea76b22776454cf0a8d7
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc60672d61f01b97b4a19b06998f22c70f54f58ebf1eb132600e1a4b46fbc2f1
cc79ef0ab8c22af1872f926b6d1cad511ba29ede51d7f4560abbd3600e5b9252
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ccff18cd3d82699d577f149b218e1b13f6a10a642499ebf4b26813ad96118664
cfd77f94f7b66d70b46bef9c0f11d4b0a247fb5bd9312379f5c80c77a59f5dee
d21271c6ef8488ec06eed2693a8d03c87f9cd6f1ca198f2d77949676ee7e888c
d2d330f53cdfd25a188faebfc07535a76190bcc529946b09c74d0971e84b53cd
d35faa1c0b45cc142295ae07a0c6e6e7824e0e64b58b81a83e7850251586e0df
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d4bd07bee1ae9aa11e2bb6540f9d587d934ac0e64fe4f263cf0cd033b5ff8733
d501be548fceb5b09d8ab38753c1e0da4a851334d9edd993bc9863c5588078e2
d5eca4878c61c87ffb61ab4cc96dc755eb2678522df384f83060fea2961184e6
d6a78e87c7dabb0d431fda347c0413b8bd44f64b695dbd697793a301901d3648
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843
d873e5e6bce997cc6b5624185a6fe77b8ec6736ccb0058c4d5a50fc7b9344ecc
d9848f4475e84755175fe8eba010e2f0df1c231d98c6b6a4a56164eb05b84af5
da500885d9a5d8907f9c6cb3af02abd605a4a99f519c606ee6c808b78d330351
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
db07c15b1653846bffbcefd8e4dc15c5bf3d31bd7ccbecef025fd1fb2be6dd78
dc50c28f1db50dbce579d4738a0e55001a5f954df3307ca5d502f42202d1d05c
dd5725c5afd372ccc669b5c19e6ac4a9927d7941bc33c4c751557183101f7a69
dde23b1574cd345ee6646c82840876ec2a9c82bbc74f1dc615ab79e9f76a2297
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e28f4de5e6bb79a8183390fbc45ce11f9355ca403e6872c2da45624e4d087940
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ef081072712e0b5ee7d2e8bdd96e1f848038d23df65dd408664a48375e9858
e5d1ee4046ceeb81d3e43309d053b423b87018e60c4cf0dd8ee7c5d3e9e90465
e6114e721efaeda9f1623725abc7953ece1f472499ee28271426a933d6490493
e958465871d0721fea193f5bdc54e46cf63e0870660555e5c53dcca63b6bdcd6
e967dc9b84ce05841a1be1b7510207621139400bfccdc3e34f1cc6a4e71609cf
eac91de82967361f6fdc5be092d7fa8d249d5cf109bfbe4cb944c2867849be3e
ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f277c1c8f3b3658ce515beec3b5b6475da75f30cf1f8277b9d6e519fe6d87c2f
f5b308f2ac06702753313c7ec5818fa5a5363b1cadb4ab60e644e7f66cc98f84
f9d23d3c15e51600399a49c18dcfb89380443ef5e1e4ac15326bde696f3acb0c
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fb5fce47dee3bb80729eb88ba515fcd5a2a13be169febe8f0ab14cfffdcdab4f
fda11be389a45ffdaf3f925f3b697b46d07977e1a8c2f9cf18745936f4f1bf5c
fdd3d080b3efdafd916a7f950f339082a53a3832f3d9d13577b0664abeec587a
fee496081e87c76d4afb442786a5e6c48834a41a03729ddeefe1b60421fde159
ff36b802312052c556484d200f49d9a8e6e27dca60e8944c238f9aabd7d48a8c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

bluestarfam.org Open in urlscan Pro 2606:4700:3037::ac43:d4c4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

332 Requests

99 %HTTPS

68 %IPv6

30 Domains

49 Subdomains

46 IPs

4 Countries

12501 kBTransfer

28298 kBSize

27 Cookies

18 Outgoing links

Page URL History

Redirected requests

332 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bluestarfam.org Open in urlscan Pro
2606:4700:3037::ac43:d4c4 Public Scan

Screenshot
Live screenshot

Full Image

332
Requests

99 %
HTTPS

68 %
IPv6

30
Domains

49
Subdomains

46
IPs

4
Countries

12501 kB
Transfer

28298 kB
Size

27
Cookies

332 HTTP transactions
1 data transactions