donate.musiciansoncall.org Open in urlscan Pro
104.18.113.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.musiciansoncall.org/e/185902/donate-/xxlthx/1000124003?h=UoOFhWiCrBDAfVIJne9c__GN840LPZXCu3SNJK9c1hs
Effective URL:
https://donate.musiciansoncall.org/give/102085/
Submission: On October 21 via api (October 21st 2021, 2:41:21 pm UTC) from US — Scanned from DE

Summary HTTP 174 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 26 IPs in 1 countries across 22 domains to perform 174 HTTP transactions. The main IP is 104.18.113.21, located in United States and belongs to CLOUDFLARENET, US. The main domain is donate.musiciansoncall.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2021. Valid for: a year.

This is the only time donate.musiciansoncall.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.174.78.146 35.174.78.146	14618 (AMAZON-AES) (AMAZON-AES)
2 2	104.26.6.212 104.26.6.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	104.18.113.21 104.18.113.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.95.65 104.16.95.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.16.125.175 104.16.125.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.121.98 13.32.121.98	16509 (AMAZON-02) (AMAZON-02)
24	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
37	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1	13.32.121.24 13.32.121.24	16509 (AMAZON-02) (AMAZON-02)
2	35.190.88.7 35.190.88.7	15169 (GOOGLE) (GOOGLE)
1	104.20.185.68 104.20.185.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
2	192.229.233.25 192.229.233.25	15133 (EDGECAST) (EDGECAST)
2	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
4	104.18.132.60 104.18.132.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	18.233.45.176 18.233.45.176	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
7	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	69.16.175.42 69.16.175.42	33438 (HIGHWINDS2) (HIGHWINDS2)
2	142.251.5.154 142.251.5.154	15169 (GOOGLE) (GOOGLE)
2	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
8	142.251.5.92 142.251.5.92	15169 (GOOGLE) (GOOGLE)
1	52.89.186.194 52.89.186.194	16509 (AMAZON-02) (AMAZON-02)
10	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
174	26

1 35.174.78.146 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-5-ue1.aws.pardot.com

go.musiciansoncall.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.6.212 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.musiciansoncall.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 104.18.113.21 (United States)

ASN13335 (CLOUDFLARENET, US)

donate.musiciansoncall.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.95.65 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.125.175 (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.98 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-98.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.24 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-24.fra60.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.88.7 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 7.88.190.35.bc.googleusercontent.com

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.185.68 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.233.25 (Los Angeles, United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.132.60 (United States)

ASN13335 (CLOUDFLARENET, US)

pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.233.45.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-45-176.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.5.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.5.92 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f92.1e100.net

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.89.186.194 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-186-194.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	stripe.com js.stripe.com q.stripe.com m.stripe.com r.stripe.com	526 KB
34	google.com pay.google.com play.google.com	756 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	396 KB
17	classy.org prod-frs.content.classy.org pay.classy.org assets.classy.org	2 MB
15	musiciansoncall.org 3 redirects go.musiciansoncall.org www.musiciansoncall.org donate.musiciansoncall.org	77 KB
11	google-analytics.com www.google-analytics.com	59 KB
6	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	43 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	stripe.network m.stripe.network	17 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	doubleclick.net stats.g.doubleclick.net	439 B
2	youtube.com www.youtube.com	48 KB
2	bugsnag.com sessions.bugsnag.com	140 B
2	plaid.com cdn.plaid.com	69 KB
1	jquery.com code.jquery.com	30 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	newrelic.com js-agent.newrelic.com	16 KB
1	onetrust.com geolocation.onetrust.com	256 B
1	unpkg.com unpkg.com	3 KB
1	tokenex.com htp.tokenex.com	4 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
174	22

	Domain	Requested by
29	q.stripe.com	donate.musiciansoncall.org
26	play.google.com	www.gstatic.com
22	js.stripe.com	donate.musiciansoncall.org js.stripe.com
12	donate.musiciansoncall.org	donate.musiciansoncall.org
11	www.google-analytics.com	donate.musiciansoncall.org www.gstatic.com
10	www.gstatic.com	pay.google.com www.gstatic.com
9	prod-frs.content.classy.org	donate.musiciansoncall.org prod-frs.content.classy.org
8	pay.google.com	js.stripe.com pay.google.com donate.musiciansoncall.org www.gstatic.com
7	fonts.gstatic.com	fonts.googleapis.com
5	heapanalytics.com
4	assets.classy.org
4	pay.classy.org	donate.musiciansoncall.org
2	r.stripe.com	js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	bam-cell.nr-data.net	donate.musiciansoncall.org
2	stats.g.doubleclick.net	donate.musiciansoncall.org
2	www.youtube.com	donate.musiciansoncall.org
2	platform.twitter.com	donate.musiciansoncall.org
2	sessions.bugsnag.com	donate.musiciansoncall.org
2	cdn.plaid.com	donate.musiciansoncall.org
2	www.musiciansoncall.org	2 redirects
1	m.stripe.com	m.stripe.network
1	syndication.twitter.com	platform.twitter.com
1	code.jquery.com	donate.musiciansoncall.org
1	fonts.googleapis.com	donate.musiciansoncall.org
1	js-agent.newrelic.com	donate.musiciansoncall.org
1	geolocation.onetrust.com	donate.musiciansoncall.org
1	cdn.heapanalytics.com	donate.musiciansoncall.org
1	unpkg.com	donate.musiciansoncall.org
1	htp.tokenex.com	donate.musiciansoncall.org
1	www.googleadservices.com	donate.musiciansoncall.org
1	static.cloudflareinsights.com	donate.musiciansoncall.org
1	go.musiciansoncall.org	1 redirects
174	33

This site contains links to these domains. Also see Links.

Domain
www.classy.org
classy.org

Subject Issuer	Validity	Valid
donate.musiciansoncall.org Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2021-01-26` - `2022-01-26`	a year	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2020-04-17` - `2022-04-22`	2 years	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-05`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
heapanalytics.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-02-02`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://donate.musiciansoncall.org/give/102085/
Frame ID: A560016AAC779606B0D3F0A4BDD75817
Requests: 71 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: FB6E3B4005313215DFDDAE01D6303994
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fdonate.musiciansoncall.org
Frame ID: 310AB4AF26ADE48C243287064854F524
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 4687448E4050C002CF8CC1354AF4FF73
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html
Frame ID: 7A79A50C89471AB7DCE7197DA5A119E2
Requests: 17 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html
Frame ID: B0F3FF315907EE91A8049A29524B02FD
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html
Frame ID: 2DFE9CD2D25406C8E23A0DE40089ED34
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html
Frame ID: 60B64BE16CE8B07A12584E5A2BA36EBB
Requests: 19 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html
Frame ID: A072C44D80869C05F4A1499C5F8FB7F1
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html
Frame ID: AFF33278FEB638BAA061A41C11578305
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 0371014B829FC62BAB135BEAC4B15D0A
Requests: 16 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: B2D4D9F7521095D733290070FF1EF3A0
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to Deliver the Healing Power Of Music

Page URL History Show full URLs

https://go.musiciansoncall.org/e/185902/donate-/xxlthx/1000124003?h=UoOFhWiCrBDAfVIJne9c__GN840LPZXCu3SNJK9... HTTP 301
http://www.musiciansoncall.org/donate/ HTTP 301
https://www.musiciansoncall.org/donate/ HTTP 301
https://donate.musiciansoncall.org/give/102085/ Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

174
Requests

100 %
HTTPS

0 %
IPv6

22
Domains

33
Subdomains

26
IPs

1
Countries

4259 kB
Transfer

12233 kB
Size

25
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.classy.org/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/cookies/
Title: Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/copyright/
Title: DMCA Policy

Search URL Search Domain Scan URL

URL: https://classy.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.musiciansoncall.org/e/185902/donate-/xxlthx/1000124003?h=UoOFhWiCrBDAfVIJne9c__GN840LPZXCu3SNJK9c1hs HTTP 301
http://www.musiciansoncall.org/donate/ HTTP 301
https://www.musiciansoncall.org/donate/ HTTP 301
https://donate.musiciansoncall.org/give/102085/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

174 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
donate.musiciansoncall.org/give/102085/
Redirect Chain

https://go.musiciansoncall.org/e/185902/donate-/xxlthx/1000124003?h=UoOFhWiCrBDAfVIJne9c__GN840LPZXCu3SNJK9c1hs
http://www.musiciansoncall.org/donate/
https://www.musiciansoncall.org/donate/
https://donate.musiciansoncall.org/give/102085/

148 KB
30 KB

846ms
749ms

Document
text/html

104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dabdbe3a4f5451758d432c460871d8f28f6bbf597e0fdba6d719c7c4bf3c344

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: donate.musiciansoncall.org
:scheme: https
:path: /give/102085/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 21 Oct 2021 14:41:11 GMT
content-type: text/html; charset=utf-8
cf-ray: 6a1b3ecb2ebe4119-PRG
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: CSRF-TOKEN=fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E; Path=/ connect.sid=s%3Anru4tAS1FIlPCNbJTVWBbvO2kxCQLD8e.ffzTZ3ecn2T3c0WWAuQyK%2BqlBkbSHKwcZkJN2eWgAE0; Path=/; Expires=Thu, 10 Aug 2073 22:34:19 GMT; HttpOnly __cf_bm=kiKBbnQZOhBNiGkx9yVdDCz_5oVFg6xKBQ4FdmwW7_k-1634827271-0-AU0y7KFNEusKMvSGbatoGB6mZYqttkTi/XUXluBPmYZNsXqv+/Qt0MBlJs0cEEahSgf87EeDh/BNSfG0Ze42DYs=; path=/; expires=Thu, 21-Oct-21 15:11:11 GMT; domain=.donate.musiciansoncall.org; HttpOnly; Secure; SameSite=None __cfruid=ec3824f883a80ce4f6755ab43dfe075549eb0de7-1634827271; path=/; domain=.donate.musiciansoncall.org; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
content-encoding: br

Redirect headers

date: Thu, 21 Oct 2021 14:41:10 GMT
content-type: text/html; charset=UTF-8
location: https://donate.musiciansoncall.org/give/102085/#!/donation/checkout
cf-ray: 6a1b3ec6d9114125-PRG
cache-control: max-age=3600
expires: Thu, 21 Oct 2021 15:05:44 GMT
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-railgun: direct (waiting for pending WAN connection)
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
host-header: 8441280b0c35cbc1147f8ba998a563a7
sg-optimizer-worker-status: bypass
x-httpd: 1
x-proxy-cache: HIT
x-redirect-by: redirection
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZrdNQpOIDtkQo5W%2FmRfSBpYyIIKDbEdKvSj01Is%2FtMtBxpruucJpX0ceuv3QPC5AFc42MUAuPodr7%2FVnSssugAG92%2FEitqxAsZSPlQQppfXtzYufxZ%2BSfJ1PlfC6hpqQhqYmuRePkGGZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 main.css
prod-frs.content.classy.org/prod/15002/static/frs/ 1 MB
136 KB 89ms
39ms Stylesheet
text/css 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15002/static/frs/main.css

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43df012ff9a102b8238cd0e4c785c964dc75a1013a51935a6bfc4f92f937b5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 48736
cf-polished: origSize=1104236
x-amz-request-id: KX3ZYDREEX0Q8XNS
x-amz-id-2: 5s4S4ZUD+g7DTHkdk4w+D9vey3WDCn0BB5pNYp0Pgn7XJ7pArtCjI/m8xwpB+hQSd75ZuPjD358=
last-modified: Thu, 21 Oct 2021 00:42:48 GMT
server: cloudflare
etag: W/"cdb87280018fd7df3af6689106bf0087"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css
cache-control: max-age=86400
cf-ray: 6a1b3ed0c8bd4107-PRG
cf-bgj: minify

GET
H2 200 rocket-loader.min.js Show response
donate.musiciansoncall.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 19ms
18ms Script
application/javascript 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.musiciansoncall.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma: no-cache
cookie: CSRF-TOKEN=fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E; connect.sid=s%3Anru4tAS1FIlPCNbJTVWBbvO2kxCQLD8e.ffzTZ3ecn2T3c0WWAuQyK%2BqlBkbSHKwcZkJN2eWgAE0; __cf_bm=kiKBbnQZOhBNiGkx9yVdDCz_5oVFg6xKBQ4FdmwW7_k-1634827271-0-AU0y7KFNEusKMvSGbatoGB6mZYqttkTi/XUXluBPmYZNsXqv+/Qt0MBlJs0cEEahSgf87EeDh/BNSfG0Ze42DYs=; __cfruid=ec3824f883a80ce4f6755ab43dfe075549eb0de7-1634827271
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donate.musiciansoncall.org
referer: https://donate.musiciansoncall.org/give/102085/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/give/102085/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 12:26:29 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"616eb975-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800 public
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6a1b3ed19a5d4119-PRG
expires: Sat, 23 Oct 2021 14:41:11 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 87ms
49ms Script
text/javascript 104.16.95.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.95.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:12 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6a1b3ed1dfee277c-PRG

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 46ms
24ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14430
x-xss-protection: 0
server: cafe
etag: 16924264664223707549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Oct 2021 14:41:11 GMT

GET
H2 200 onetrustConsent-1539020710655.js Show response
prod-frs.content.classy.org/prod/15002/static/onetrust/ 50 KB
12 KB 34ms
32ms Script
application/javascript 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15002/static/onetrust/onetrustConsent-1539020710655.js

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 48736
cf-polished: origSize=54583
x-amz-request-id: KX3TNF8AN8BZ1YSW
x-amz-id-2: abj+IeXG40mndyJjNynJ+lavU2W1xCOsMPHo+CzSPtoOK+v1kU7O2sA13nncJ3Oo4IaU3nri1xM=
last-modified: Thu, 21 Oct 2021 00:42:49 GMT
server: cloudflare
etag: W/"64c3a4446a1c238c4df7f2db78163772"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6a1b3ed1bafa4107-PRG
cf-bgj: minify

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 13 KB
4 KB 1130ms
140ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

48e76017a2ab32ab6c81dd6a2042fae71c48dc4d7103f8691078eb880936b742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Sep 2021 19:49:35 GMT
etag: "8071f8206bb5d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
date: Thu, 21 Oct 2021 14:41:12 GMT
accept-ranges: bytes
content-length: 3458
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 82ms
36ms Script
application/javascript 104.16.125.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.125.175 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:12 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3594931
fly-request-id: 01FF6GCCD3AGH2H9QDHAP9DXZ3
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a1b3ed20d96413e-PRG

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/15002/static/frs/donation/ 177 KB
36 KB 38ms
37ms Script
application/javascript 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15002/static/frs/donation/module.min.js

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84f6d4d42ce91b959f80096cea1ad8fa46f2d3ef590c1b764bab78afcad3eb10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Oct 2021 00:42:48 GMT
server: cloudflare
age: 48736
etag: W/"e0010da4bf58eb95106bcbf527601209"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6a1b3ed1cb034107-PRG
x-amz-request-id: KX3VN4YY852WSG01
x-amz-id-2: zSWSOsgojlvZjAqHnzxpSMwcPViTa85PbDU3b6XyeGnFYCyYvXpEAcCaNDTl0fISOBwBABL3bqo=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/15002/static/global/ 2 MB
319 KB 44ms
43ms Script
application/javascript 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15002/static/global/module.min.js

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00a6e2908bf71a728e79bc62a2181ef87e6bd172bb94bfc0f64ecc3c9da2ffc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Oct 2021 00:42:49 GMT
server: cloudflare
age: 48736
etag: W/"0e318734e5af27abb8ad4d809b7f5baa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6a1b3ed1cb064107-PRG
x-amz-request-id: KX3ZBK61D4VAFHDA
x-amz-id-2: 7b93j0+bsWkjSiNcip7ZKVE53e6tkyNoUyqMu7GxFoOhdYIE/lDIDGFUaY2MSzw9zEocsiuz5JA=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/15002/static/global/ 1 MB
476 KB 53ms
53ms Script
application/javascript 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15002/static/global/libs.min.js

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c224dfa203e28003da563e5269c9d67724e053ab7c87b2581b1b6ed22b05499

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Oct 2021 00:42:49 GMT
server: cloudflare
age: 48736
etag: W/"9f084e9d38fb2730ca68bb4c3cc1b091"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6a1b3ed1cb074107-PRG
x-amz-request-id: KX3G2R0795AWMPQS
x-amz-id-2: r1aQYEpTp9pScj77yc4y52QHad7ETIctPU8q4h+VnVvGCcYjYHH6MkDd0yBP792AGYeHnKubo8w=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 85 KB
29 KB 76ms
42ms Script
application/javascript 13.32.121.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.98 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3f8d2e72aef50d6016628c295c916f66da901d2bcc4f47aff9454b1f2850b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 00:45:11 GMT
content-encoding: gzip
x-amz-request-id: M2TDZ0J8R68PBZ80
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: 9MjJpFBLOcnR5TXveFPhFvPcouSL7fWnzR/afKDc4yCKnlRfz/hXfQQO6joxc7fxbwTLZZr8JOM=
last-modified: Thu, 21 Oct 2021 00:02:39 GMT
server: AmazonS3
etag: W/"c6fbce69acb4bc8f786e1f3ca0b8c1a2"
vary: Accept-Encoding
x-amz-version-id: DgIHnqp5AudBbHMeWBulw8SCNM6S1oJk
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-pop: FRA60-P1
content-type: application/javascript
x-amz-cf-id: WH0ldIqJx2t7GW48HajN9WRWGxHuzOrV-gJWjV_Fzx3tFVMHHkh2VA==

GET
H2 200 / Show response
js.stripe.com/v3/ 264 KB
64 KB 48ms
8ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

810c4ec2fd4b4ac9ca638fbebd651512e2d13a6e4f1aecb461d43ce06f391130

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:11 GMT
content-encoding: br
vary: Accept-Encoding
age: 290
via: 1.1 varnish
x-cache: HIT
content-length: 64476
x-amz-id-2: rq+WWm8UhNg+dInNguzJky2Ol/CXATMGZdTys+WzJNTI6MUwhGGX945kW0QwM23r7D71cZ+mx8w=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 22:04:33 GMT
server: AmazonS3
etag: "162d95aadbf0d6bd433739b5c2433fea"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: KFJQXHXW2XJWBPSN
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 380

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 43ms
10ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 6855
date: Thu, 21 Oct 2021 12:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Thu, 21 Oct 2021 14:46:57 GMT

GET
H2 200 heap-1566116007.js Show response
cdn.heapanalytics.com/js/ 105 KB
42 KB 43ms
10ms Script
application/javascript 13.32.121.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1566116007.js

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.24 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-24.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

832acca5fc6fb4913e0b5251b1604bed3dd22add852920f4c842877236cac694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:40:07 GMT
content-encoding: gzip
server: nginx
age: 65
etag: W/"1a59c-+pVF7p+YHsah91k4qMf0Rg"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA60-P1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: Tik7NN23-eqjoNIrgqnkKfeOCBUjLGf1saLHilVSyn9XlNDbRAds-g==

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 159ms
144ms Preflight 35.190.88.7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 35.190.88.7 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 7.88.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://donate.musiciansoncall.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Thu, 21 Oct 2021 14:41:12 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 145ms
145ms XHR
application/json 35.190.88.7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.88.7 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 7.88.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer: https://donate.musiciansoncall.org/
Bugsnag-Sent-At: 2021-10-21T14:41:12.206Z
Accept-Language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 21 Oct 2021 14:41:12 GMT
via: 1.1 google
bugsnag-session-uuid: 53a13a28-b679-4f2d-9de7-0719abf5f4e6
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 optanon.css
prod-frs.content.classy.org/prod/15002/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ 22 KB
6 KB 30ms
29ms Stylesheet
text/css 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15002/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 48734
cf-polished: origSize=22581
x-amz-request-id: 2AMYF1H3PF9ESYG2
x-amz-id-2: LRKoqf5iOcil4oQSiT4bgPNPI1dQgJ2M2qG6IlT6cXPOlOTjbzWCsDvmA8E3MHzZ1LDqoO9Mj9U=
last-modified: Thu, 21 Oct 2021 00:42:49 GMT
server: cloudflare
etag: W/"5ec3a032a0370bd8e3f63adf430b4617"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css
cache-control: max-age=86400
cf-ray: 6a1b3ed38e934107-PRG
cf-bgj: minify

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
256 B 83ms
42ms Script
text/javascript 104.20.185.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery32103477144489205368_1634827272107&_=1634827272108

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.185.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6a1b3ed3ead34125-PRG
content-length: 32

GET
H2 200 sdk.js Show response
donate.musiciansoncall.org/sso/ 20 KB
6 KB 554ms
553ms Script
application/javascript 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.musiciansoncall.org/sso/sdk.js

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

33ee267763985a483e766006308c74e6afa3d561ac5b23ac58b7ef2a2e55eacc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /sso/sdk.js
pragma: no-cache
cookie: CSRF-TOKEN=fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E; connect.sid=s%3Anru4tAS1FIlPCNbJTVWBbvO2kxCQLD8e.ffzTZ3ecn2T3c0WWAuQyK%2BqlBkbSHKwcZkJN2eWgAE0; __cf_bm=kiKBbnQZOhBNiGkx9yVdDCz_5oVFg6xKBQ4FdmwW7_k-1634827271-0-AU0y7KFNEusKMvSGbatoGB6mZYqttkTi/XUXluBPmYZNsXqv+/Qt0MBlJs0cEEahSgf87EeDh/BNSfG0Ze42DYs=; __cfruid=ec3824f883a80ce4f6755ab43dfe075549eb0de7-1634827271; _ga=GA1.2.842289835.1634827272; _gid=GA1.2.1191980804.1634827272; OptanonConsent=landingPath=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F%23!%2Fdonation%2Fcheckout&datestamp=Thu+Oct+21+2021+14%3A41%3A12+GMT%2B0000+(GMT)&version=3.6.25
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: donate.musiciansoncall.org
referer: https://donate.musiciansoncall.org/give/102085/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/give/102085/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:12 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6a1b3ed39d514119-PRG
expires: Thu, 21 Oct 2021 15:01:12 GMT

GET
H2 200 nr-spa-1211.min.js Show response
js-agent.newrelic.com/ 43 KB
16 KB 22ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1211.min.js
Requested by: Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 539877722caad874241ab2ec930b7b4aaa5327a34984b64ad813f8a2998bb862

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: CLSa7QJ2hagEFCkLjcLamPCZ0EDdPlaV
content-encoding: gzip
etag: "a5ee6c68d7de5e7446d73910964b5c10"
x-amz-request-id: 7P24QENFJWH9MPY0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16260
x-amz-id-2: w9tbSzsulzIUpjCfcY1I4Ry340KouzFhxTIpcvI9ziJM3HnvH7QmVv/mcPAA/SBB1qkMT7NKyUM=
x-served-by: cache-hhn4020-HHN
last-modified: Mon, 27 Sep 2021 20:46:51 GMT
server: AmazonS3
x-timer: S1634827272.266674,VS0,VE0
date: Thu, 21 Oct 2021 14:41:12 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 13003

GET
H2 200 m-outer-f7902241893e7a497417843cb15dc858.html Show response
js.stripe.com/v3/ Frame FB6E 240 B
546 B 8ms
8ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-f7902241893e7a497417843cb15dc858.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donate.musiciansoncall.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/

Response headers

x-amz-id-2: +1Tt6Z/KJ3d25HpHbPPgSAvZaeJj/qJ0UyOjw/DGc8Dsipmn4xlTrJoyMEXvWvl7Nx1qn2qA3U0=
x-amz-request-id: XMMYHH9DJSQACWJK
last-modified: Tue, 19 Oct 2021 21:45:17 GMT
etag: "f7902241893e7a497417843cb15dc858"
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Thu, 21 Oct 2021 14:41:12 GMT
via: 1.1 varnish
age: 215
x-served-by: cache-hhn4033-HHN
x-cache: HIT
x-cache-hits: 681
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control: max-age=60
content-length: 141

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1177/ 0
40 KB 12ms
12ms Other
application/javascript 13.32.121.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1177/link-dynamic-loader.js
Requested by: Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.98 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 00:45:12 GMT
content-encoding: gzip
age: 50161
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 21 Oct 2021 00:02:39 GMT
server: AmazonS3
etag: W/"535d4b2c1bb79bd33ca7b1959044dc60"
vary: Accept-Encoding
x-amz-version-id: wU6svdVmAoywJETp47KblcQWQryE4EQM
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: FRA60-P1
content-type: application/javascript
x-amz-cf-id: qIjXAB5j46XXgCVSYwqUT3DCiOMmOcBj2QhbPRsA4jzEsYZ5SoDBEw==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 504ms
6ms Script
application/javascript 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 14:41:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1379
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 29104
x-tw-cdn: VZ
Last-Modified: Mon, 18 Oct 2021 18:33:56 GMT
Server: ECS (frb/675D)
Etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 531ms
32ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

ESF /

Resource Hash

272d71624a8d4634901f0260580882a059268ff037cc12302b283a9710756c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires: Thu, 21 Oct 2021 14:41:12 GMT

GET
H2 200 tax-entities Show response
donate.musiciansoncall.org/frs-api/organizations/6948/ 394 B
352 B 487ms
487ms XHR
application/json 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.musiciansoncall.org/frs-api/organizations/6948/tax-entities

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be775cb06140d026745fe8470ed67f2aad290d5231d9b4d953f0a4fdfe52316

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
x-xsrf-token: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
tracestate: 423787@nr=0-1-423787-363751183-3cad9a3bb83202f7----1634827272625
accept-language: de-DE,de;q=0.9
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzY2FkOWEzYmI4MzIwMmY3IiwidHIiOiJjZjBjNmJlNzE0MTg0YzU5OTFlNTVlZTdmYzY1N2M1MCIsInRpIjoxNjM0ODI3MjcyNjI1fX0=
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
cookie: CSRF-TOKEN=fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E; connect.sid=s%3Anru4tAS1FIlPCNbJTVWBbvO2kxCQLD8e.ffzTZ3ecn2T3c0WWAuQyK%2BqlBkbSHKwcZkJN2eWgAE0; __cf_bm=kiKBbnQZOhBNiGkx9yVdDCz_5oVFg6xKBQ4FdmwW7_k-1634827271-0-AU0y7KFNEusKMvSGbatoGB6mZYqttkTi/XUXluBPmYZNsXqv+/Qt0MBlJs0cEEahSgf87EeDh/BNSfG0Ze42DYs=; __cfruid=ec3824f883a80ce4f6755ab43dfe075549eb0de7-1634827271; _ga=GA1.2.842289835.1634827272; _gid=GA1.2.1191980804.1634827272; OptanonConsent=landingPath=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F%23!%2Fdonation%2Fcheckout&datestamp=Thu+Oct+21+2021+14%3A41%3A12+GMT%2B0000+(GMT)&version=3.6.25
:path: /frs-api/organizations/6948/tax-entities
pragma: no-cache
x-newrelic-id: UAQEVl5UGwAGV1ZQBgMEVg==
traceparent: 00-cf0c6be714184c5991e55ee7fc657c50-3cad9a3bb83202f7-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: donate.musiciansoncall.org
referer: https://donate.musiciansoncall.org/give/102085/
:scheme: https
sec-fetch-site: same-origin
csrf-token: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
:method: GET
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
tracestate: 423787@nr=0-1-423787-363751183-3cad9a3bb83202f7----1634827272625
traceparent: 00-cf0c6be714184c5991e55ee7fc657c50-3cad9a3bb83202f7-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzY2FkOWEzYmI4MzIwMmY3IiwidHIiOiJjZjBjNmJlNzE0MTg0YzU5OTFlNTVlZTdmYzY1N2M1MCIsInRpIjoxNjM0ODI3MjcyNjI1fX0=
Accept: application/json, text/plain, */*
csrf-token: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
Referer: https://donate.musiciansoncall.org/give/102085/

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"18a-B/vxiOQdUT4HE0ORfh5Th6PfNeM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: CSRF-TOKEN=bfDEbIrc-sDk1TVZoVGaVwYw8cch1o4HyaRM; Path=/
cf-ray: 6a1b3ed5f9c74119-PRG
vary: Accept-Encoding

GET
H2 200 donate-double-companies Show response
donate.musiciansoncall.org/frs-api/donation-matchers/ 49 KB
18 KB 531ms
531ms XHR
application/json 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.musiciansoncall.org/frs-api/donation-matchers/donate-double-companies

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac68c0a722c1870b04eccfe8a38159e095bcbc9754a3a34e87b3f01281c937d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
x-xsrf-token: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
tracestate: 423787@nr=0-1-423787-363751183-97a5a7255c80b30c----1634827272668
accept-language: de-DE,de;q=0.9
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5N2E1YTcyNTVjODBiMzBjIiwidHIiOiIwMzUyNTBhZTBhNzE0NzI0NjRmMWI0ODY2ZWQxNjg3MCIsInRpIjoxNjM0ODI3MjcyNjY4fX0=
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
cookie: CSRF-TOKEN=fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E; connect.sid=s%3Anru4tAS1FIlPCNbJTVWBbvO2kxCQLD8e.ffzTZ3ecn2T3c0WWAuQyK%2BqlBkbSHKwcZkJN2eWgAE0; __cf_bm=kiKBbnQZOhBNiGkx9yVdDCz_5oVFg6xKBQ4FdmwW7_k-1634827271-0-AU0y7KFNEusKMvSGbatoGB6mZYqttkTi/XUXluBPmYZNsXqv+/Qt0MBlJs0cEEahSgf87EeDh/BNSfG0Ze42DYs=; __cfruid=ec3824f883a80ce4f6755ab43dfe075549eb0de7-1634827271; _ga=GA1.2.842289835.1634827272; _gid=GA1.2.1191980804.1634827272; OptanonConsent=landingPath=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F%23!%2Fdonation%2Fcheckout&datestamp=Thu+Oct+21+2021+14%3A41%3A12+GMT%2B0000+(GMT)&version=3.6.25
:path: /frs-api/donation-matchers/donate-double-companies
pragma: no-cache
x-newrelic-id: UAQEVl5UGwAGV1ZQBgMEVg==
traceparent: 00-035250ae0a71472464f1b4866ed16870-97a5a7255c80b30c-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: donate.musiciansoncall.org
referer: https://donate.musiciansoncall.org/give/102085/
:scheme: https
sec-fetch-site: same-origin
csrf-token: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
:method: GET
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
tracestate: 423787@nr=0-1-423787-363751183-97a5a7255c80b30c----1634827272668
traceparent: 00-035250ae0a71472464f1b4866ed16870-97a5a7255c80b30c-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5N2E1YTcyNTVjODBiMzBjIiwidHIiOiIwMzUyNTBhZTBhNzE0NzI0NjRmMWI0ODY2ZWQxNjg3MCIsInRpIjoxNjM0ODI3MjcyNjY4fX0=
Accept: application/json, text/plain, */*
csrf-token: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
Referer: https://donate.musiciansoncall.org/give/102085/

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"c24d-ZjuyA52EzzL2s2vvMFOBczqA9P0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: CSRF-TOKEN=GkhE3dxw-24RiIU-rhwuhwnCOvHHe5sA-DSg; Path=/
cf-ray: 6a1b3ed63a654119-PRG
vary: Accept-Encoding

GET
H2 200 ach-account-routing Show response
donate.musiciansoncall.org/frs-api/organizations/6948/ 33 B
169 B 477ms
477ms XHR
application/json 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.musiciansoncall.org/frs-api/organizations/6948/ach-account-routing

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
x-xsrf-token: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
tracestate: 423787@nr=0-1-423787-363751183-022213913ce61751----1634827272669
accept-language: de-DE,de;q=0.9
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwMjIyMTM5MTNjZTYxNzUxIiwidHIiOiI2MWM4MzE4MThmYjI1OTdiNThlZjYwYWZlOGYxODBiMCIsInRpIjoxNjM0ODI3MjcyNjY5fX0=
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
cookie: CSRF-TOKEN=fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E; connect.sid=s%3Anru4tAS1FIlPCNbJTVWBbvO2kxCQLD8e.ffzTZ3ecn2T3c0WWAuQyK%2BqlBkbSHKwcZkJN2eWgAE0; __cf_bm=kiKBbnQZOhBNiGkx9yVdDCz_5oVFg6xKBQ4FdmwW7_k-1634827271-0-AU0y7KFNEusKMvSGbatoGB6mZYqttkTi/XUXluBPmYZNsXqv+/Qt0MBlJs0cEEahSgf87EeDh/BNSfG0Ze42DYs=; __cfruid=ec3824f883a80ce4f6755ab43dfe075549eb0de7-1634827271; _ga=GA1.2.842289835.1634827272; _gid=GA1.2.1191980804.1634827272; OptanonConsent=landingPath=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F%23!%2Fdonation%2Fcheckout&datestamp=Thu+Oct+21+2021+14%3A41%3A12+GMT%2B0000+(GMT)&version=3.6.25
:path: /frs-api/organizations/6948/ach-account-routing
pragma: no-cache
x-newrelic-id: UAQEVl5UGwAGV1ZQBgMEVg==
traceparent: 00-61c831818fb2597b58ef60afe8f180b0-022213913ce61751-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: donate.musiciansoncall.org
referer: https://donate.musiciansoncall.org/give/102085/
:scheme: https
sec-fetch-site: same-origin
csrf-token: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
:method: GET
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
tracestate: 423787@nr=0-1-423787-363751183-022213913ce61751----1634827272669
traceparent: 00-61c831818fb2597b58ef60afe8f180b0-022213913ce61751-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwMjIyMTM5MTNjZTYxNzUxIiwidHIiOiI2MWM4MzE4MThmYjI1OTdiNThlZjYwYWZlOGYxODBiMCIsInRpIjoxNjM0ODI3MjcyNjY5fX0=
Accept: application/json, text/plain, */*
csrf-token: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
Referer: https://donate.musiciansoncall.org/give/102085/

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: CSRF-TOKEN=laNlVtCC-IAYJ_Zz6l7lop2PPYdbtxOZwejE; Path=/
cf-ray: 6a1b3ed63a6b4119-PRG
vary: Accept-Encoding
content-length: 33

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
805 B 796ms
600ms XHR
application/json 104.18.132.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=5665&currency=EUR

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.132.60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://donate.musiciansoncall.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
via: 1.1 f631e696fd022598ec39e248ac48b193.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-classypay-requestid: 23f3d028-f930-4cce-8725-376c2e8a074d
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6a1b3ed7f8592794-PRG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: SBspeFnWzhS8pK49IHITXcgqM15YkvbFIVWDbq7w2jSdgtb8184fGQ==

GET
H2 200 63c414da-2b61-11e7-9ead-0ef29dd210a6.jpg
assets.classy.org/3239888/ 703 KB
705 KB 140ms
131ms Image
image/jpeg 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/3239888/63c414da-2b61-11e7-9ead-0ef29dd210a6.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a09a6f5b78f835770f0cee60fa45b72273c42b48e77b0b3522b341cad4cb12eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:12 GMT
via: 1.1 93fcd07b66eaf26b036f14e2ec9d73eb.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 720262
last-modified: Thu, 27 Apr 2017 15:51:36 GMT
server: cloudflare
etag: "e0a156241d713d3d70b55b1bdd3b4776"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: public,max-age=31536000
x-amz-version-id: Ao9hynvDxdPe71KjA_.oFaZxIoYmaJdc
accept-ranges: bytes
cf-ray: 6a1b3ed71d864107-PRG
x-amz-cf-id: NpGAZsD8LY8fdgpObXev5kInxLFcEQbTqemfYo0kQaK9QIvbMtWvwg==

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/15002/static/global/images/ 394 B
653 B 38ms
38ms Image
image/webp 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/15002/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15002/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/15002/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:12 GMT
vary: Accept
cf-cache-status: HIT
age: 48730
cf-polished: origFmt=png, origSize=547
cf-ray: 6a1b3ed70d724107-PRG
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: UVXEAA7k0CB5kAQBvoam+5WlT9cj14OJP1cu1W1+Lw0b321zisLdYH1/ixfajsW7Zp0vwC1yB7k=
last-modified: Thu, 21 Oct 2021 00:42:48 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: B7QA77N36VR1BBN0
cache-control: max-age=86400
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/15002/static/fonts/ 65 KB
66 KB 772ms
727ms Font
binary/octet-stream 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15002/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15002/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/15002/static/frs/main.css
Origin: https://donate.musiciansoncall.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: K7ASMWB69K6K06XN
strict-transport-security: max-age=15552000; includeSubDomains
content-length: 66624
x-amz-id-2: T/vMCW9MSjN8JYSrEyc61aiIL7+qhg2k5I1d/7lj84h7wSBKXfEV3vsNFqAbIRUOHzl8D2qY1rQ=
last-modified: Thu, 21 Oct 2021 00:42:48 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6a1b3ed76b77f9da-PRG

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/15002/static/global/fonts/ 42 KB
43 KB 763ms
718ms Font
application/x-font-woff 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15002/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15002/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ee9c45ae2075e9ee4438a02c2c453d32524a069e845dc8c9693fdc9bdffb3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/15002/static/frs/main.css
Origin: https://donate.musiciansoncall.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: K7AHWBFBJEZH2Y6Q
strict-transport-security: max-age=15552000; includeSubDomains
content-length: 42880
x-amz-id-2: 6C/aiFCMvwoN2bO1PVvm58E+tpSj+Tvedza7w2t1p3ZIL9Tl1h1z/W5gp6j4UAnHvM3wIb4c8pI=
last-modified: Thu, 21 Oct 2021 00:42:48 GMT
server: cloudflare
etag: "76c6ca1fd52bc8206d05e78050473d57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6a1b3ed76b7df9da-PRG

GET
H2 200 currency-conversions Show response
donate.musiciansoncall.org/frs-api/i18n/ 75 B
210 B 437ms
434ms XHR
application/json 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.musiciansoncall.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36286d64f60cdcb37980e4da0bccd1e83307ac50684bb728062a0818d318c4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
x-xsrf-token: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
tracestate: 423787@nr=0-1-423787-363751183-294bef50aa801acc----1634827272925
accept-language: de-DE,de;q=0.9
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyOTRiZWY1MGFhODAxYWNjIiwidHIiOiI5YjAyMDUwY2JkMDkxMjY5YmYzZjQwNjEyYWU0NWE3MCIsInRpIjoxNjM0ODI3MjcyOTI1fX0=
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
cookie: CSRF-TOKEN=fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E; connect.sid=s%3Anru4tAS1FIlPCNbJTVWBbvO2kxCQLD8e.ffzTZ3ecn2T3c0WWAuQyK%2BqlBkbSHKwcZkJN2eWgAE0; __cf_bm=kiKBbnQZOhBNiGkx9yVdDCz_5oVFg6xKBQ4FdmwW7_k-1634827271-0-AU0y7KFNEusKMvSGbatoGB6mZYqttkTi/XUXluBPmYZNsXqv+/Qt0MBlJs0cEEahSgf87EeDh/BNSfG0Ze42DYs=; __cfruid=ec3824f883a80ce4f6755ab43dfe075549eb0de7-1634827271; _ga=GA1.2.842289835.1634827272; _gid=GA1.2.1191980804.1634827272; OptanonConsent=landingPath=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F%23!%2Fdonation%2Fcheckout&datestamp=Thu+Oct+21+2021+14%3A41%3A12+GMT%2B0000+(GMT)&version=3.6.25
:path: /frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR
pragma: no-cache
x-newrelic-id: UAQEVl5UGwAGV1ZQBgMEVg==
traceparent: 00-9b02050cbd091269bf3f40612ae45a70-294bef50aa801acc-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: donate.musiciansoncall.org
referer: https://donate.musiciansoncall.org/give/102085/
:scheme: https
sec-fetch-site: same-origin
csrf-token: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
:method: GET
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
tracestate: 423787@nr=0-1-423787-363751183-294bef50aa801acc----1634827272925
traceparent: 00-9b02050cbd091269bf3f40612ae45a70-294bef50aa801acc-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyOTRiZWY1MGFhODAxYWNjIiwidHIiOiI5YjAyMDUwY2JkMDkxMjY5YmYzZjQwNjEyYWU0NWE3MCIsInRpIjoxNjM0ODI3MjcyOTI1fX0=
Accept: application/json, text/plain, */*
csrf-token: fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E
Referer: https://donate.musiciansoncall.org/give/102085/

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"4b-kYRQep2vtq66sBoTh2a5ADm7T1U"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: CSRF-TOKEN=xOGEvaAX-c0U5QMTPTEvKYVAYMyE6cxycncM; Path=/
cf-ray: 6a1b3ed7dd584119-PRG
vary: Accept-Encoding

GET
H2 200 user-icon.png
donate.musiciansoncall.org/static/global/images/ 4 KB
5 KB 433ms
432ms Image
image/png 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.musiciansoncall.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/global/images/user-icon.png
pragma: no-cache
cookie: CSRF-TOKEN=fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E; connect.sid=s%3Anru4tAS1FIlPCNbJTVWBbvO2kxCQLD8e.ffzTZ3ecn2T3c0WWAuQyK%2BqlBkbSHKwcZkJN2eWgAE0; __cf_bm=kiKBbnQZOhBNiGkx9yVdDCz_5oVFg6xKBQ4FdmwW7_k-1634827271-0-AU0y7KFNEusKMvSGbatoGB6mZYqttkTi/XUXluBPmYZNsXqv+/Qt0MBlJs0cEEahSgf87EeDh/BNSfG0Ze42DYs=; __cfruid=ec3824f883a80ce4f6755ab43dfe075549eb0de7-1634827271; _ga=GA1.2.842289835.1634827272; _gid=GA1.2.1191980804.1634827272; OptanonConsent=landingPath=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F%23!%2Fdonation%2Fcheckout&datestamp=Thu+Oct+21+2021+14%3A41%3A12+GMT%2B0000+(GMT)&version=3.6.25
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donate.musiciansoncall.org
referer: https://donate.musiciansoncall.org/give/102085/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/give/102085/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
cf-cache-status: MISS
last-modified: Thu, 21 Oct 2021 00:38:06 GMT
server: cloudflare
etag: "6170b66e-11ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 6a1b3ed7ed794119-PRG
content-length: 4588
expires: Fri, 21 Oct 2022 14:41:13 GMT

GET
H2 200 50ae800c-f3ac-11e6-b770-0aa21582f58a.png
assets.classy.org/3239888/ 218 KB
219 KB 761ms
760ms Image
image/png 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/3239888/50ae800c-f3ac-11e6-b770-0aa21582f58a.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7de06663940d33071e6643ed3afdbf433d9758d00469e9e9bdf2cde46677742

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 223498
last-modified: Wed, 15 Feb 2017 18:26:50 GMT
server: cloudflare
etag: "1e6b91ff8c30f64729b63f7ae0722434"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/png
cache-control: public,max-age=31536000
x-amz-version-id: sLqfHq33LQY7hBg3bj.r6EXwNsNuPeRn
accept-ranges: bytes
cf-ray: 6a1b3ed7ef2b4107-PRG
x-amz-cf-id: ovvhR1en7ei33k10XdJchRqKzMS9uSt5ADcHQbdTl8m-ezwMLwMDaQ==

GET
H2 200 94a09240-9499-11e6-8464-06c48d981e2f.png
assets.classy.org/3239888/ 7 KB
8 KB 594ms
594ms Image
image/png 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/3239888/94a09240-9499-11e6-8464-06c48d981e2f.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cd97e407ef3a10d8dab1fe7e58823622a0bfa68bc2834e10959bf016e0d27ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 7464
last-modified: Mon, 17 Oct 2016 18:43:24 GMT
server: cloudflare
etag: "2f8aa16ce222e7b88c53bc5350546853"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/png
cache-control: public,max-age=31536000
x-amz-version-id: d_RTBTX4Z5HvRZ8Z2iCSxrIJMpo8SAaV
accept-ranges: bytes
cf-ray: 6a1b3ed7ef2f4107-PRG
x-amz-cf-id: Opjcuz3P6qAllxsgIVK5gXy7wSkR2MbQNGTdFj11lLme-t7c88ALnQ==

GET
H2 200 0bf92802-efcb-11e6-a8a8-0ef29dd210a6.jpg
assets.classy.org/3239888/ 35 KB
35 KB 460ms
460ms Image
image/jpeg 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/3239888/0bf92802-efcb-11e6-a8a8-0ef29dd210a6.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6b3ab64e6c700fc97fb3d6e4f9dfd88a0b0a9ca92493c0687187cc1c3fb4e80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
via: 1.1 79ba346413d83ce62db11c8d0b05c22d.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: PRG50-C1
cf-ray: 6a1b3ed7ef334107-PRG
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 35874
last-modified: Fri, 10 Feb 2017 19:56:44 GMT
server: cloudflare
etag: "75acbcc42badf85a4822eb9c03357dde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-version-id: yji2PlD3MauijtXY8LkbOWQH_Luna6O5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: xDH4CbjpxVEUIm0yNRpWIOmIa18GRAK9HkYgtIn9QTIakpXsQjhvHw==

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 442ms
106ms Image
image/gif 18.233.45.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3069685772504978&v=6619333494233268&s=4134829646254439&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout&h=%2Fgive%2F102085%2F&d=donate.musiciansoncall.org&t=Donate%20to%20Deliver%20the%20Healing%20Power%20Of%20Music&ts=1634827272953&st=1634827272965

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.45.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-45-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:13 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 rum Show response
donate.musiciansoncall.org/cdn-cgi/ 0
197 B 29ms
29ms XHR
text/plain 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.musiciansoncall.org/cdn-cgi/rum?

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://donate.musiciansoncall.org
accept-encoding: gzip, deflate, br
tracestate: 423787@nr=0-1-423787-363751183-792c39af64b201e6----1634827272967
accept-language: de-DE,de;q=0.9
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3OTJjMzlhZjY0YjIwMWU2IiwidHIiOiI1NGE4MmEzOWEyZGQ4ZmEyZDZmZWZmZTkxOTA0OTMzMCIsInRpIjoxNjM0ODI3MjcyOTY3fX0=
sec-fetch-dest: empty
cookie: CSRF-TOKEN=fszcMy0P-mwGyJSfWglGXdoasV2fxRv2ns7E; connect.sid=s%3Anru4tAS1FIlPCNbJTVWBbvO2kxCQLD8e.ffzTZ3ecn2T3c0WWAuQyK%2BqlBkbSHKwcZkJN2eWgAE0; __cf_bm=kiKBbnQZOhBNiGkx9yVdDCz_5oVFg6xKBQ4FdmwW7_k-1634827271-0-AU0y7KFNEusKMvSGbatoGB6mZYqttkTi/XUXluBPmYZNsXqv+/Qt0MBlJs0cEEahSgf87EeDh/BNSfG0Ze42DYs=; __cfruid=ec3824f883a80ce4f6755ab43dfe075549eb0de7-1634827271; _ga=GA1.2.842289835.1634827272; _gid=GA1.2.1191980804.1634827272; OptanonConsent=landingPath=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F%23!%2Fdonation%2Fcheckout&datestamp=Thu+Oct+21+2021+14%3A41%3A12+GMT%2B0000+(GMT)&version=3.6.25; _hp2_id.1566116007=%7B%22userId%22%3A%223069685772504978%22%2C%22pageviewId%22%3A%226619333494233268%22%2C%22sessionId%22%3A%224134829646254439%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; _hp2_ses_props.1566116007=%7B%22z%22%3A0%2C%22ts%22%3A1634827272953%2C%22d%22%3A%22donate.musiciansoncall.org%22%2C%22h%22%3A%22%2Fgive%2F102085%2F%22%2C%22t%22%3A%22Donate%20to%20Deliver%20the%20Healing%20Power%20Of%20Music%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%22%7D
content-length: 4541
:path: /cdn-cgi/rum?
pragma: no-cache
x-newrelic-id: UAQEVl5UGwAGV1ZQBgMEVg==
traceparent: 00-54a82a39a2dd8fa2d6feffe919049330-792c39af64b201e6-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: donate.musiciansoncall.org
referer: https://donate.musiciansoncall.org/give/102085/
:scheme: https
sec-fetch-site: same-origin
:method: POST
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-792c39af64b201e6----1634827272967
traceparent: 00-54a82a39a2dd8fa2d6feffe919049330-792c39af64b201e6-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3OTJjMzlhZjY0YjIwMWU2IiwidHIiOiI1NGE4MmEzOWEyZGQ4ZmEyZDZmZWZmZTkxOTA0OTMzMCIsInRpIjoxNjM0ODI3MjcyOTY3fX0=
content-type: application/json
Referer: https://donate.musiciansoncall.org/give/102085/

Response headers

date: Thu, 21 Oct 2021 14:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://donate.musiciansoncall.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6a1b3ed81dd84119-PRG
vary: Origin

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 54ms
16ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

dc8579028e6c99023b053237372924e8d9b433250c9bab706f4995ef6d3a4c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 14:41:13 GMT
server: ESF
date: Thu, 21 Oct 2021 14:41:13 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 21 Oct 2021 14:41:13 GMT

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
476 B 589ms
589ms XHR
application/json 104.18.132.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=5665&currency=EUR

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.132.60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30a9aa2305ee5d5bbf14458b165316cdbb9e25d64ae64387304f1485b8b3869c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://donate.musiciansoncall.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
via: 1.1 65dc50162b685d34f2ac712298bb090d.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-classypay-requestid: cf01454a-8f9e-4e43-8ce1-d632602de83b
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6a1b3ed838ca2794-PRG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: JZyqUfpDoaNYP1BWOJYv6yYflM61GHTWB7NyRAz21g-CSbPhiP0cNA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
154 B 14ms
14ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=732960445&t=timing&_s=1&dl=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Deliver%20the%20Healing%20Power%20Of%20Music&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20latency&utv=fresh&utl=1634827272414&utt=2189&_u=aGDACEABBAAAAC~&jid=43071702&gjid=1691988095&cid=842289835.1634827272&tid=UA-3837893-1&_gid=1191980804.1634827272&_r=1&_slc=1&cd1=6948&cd2=Classy%20Pay&cd3=1&cd4=p2p&cd5=102085&cd6=campaign&z=1969487450

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.musiciansoncall.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.musiciansoncall.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 6ms
6ms Image
image/gif 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=732960445&t=timing&_s=2&dl=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Deliver%20the%20Healing%20Power%20Of%20Music&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1634827272414&utt=2938&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=842289835.1634827272&tid=UA-3837893-1&_gid=1191980804.1634827272&cd1=6948&cd2=Classy%20Pay&cd3=1&cd4=p2p&cd5=102085&cd6=campaign&z=191422045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 10:34:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14797
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 6ms
6ms Image
image/gif 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=732960445&t=timing&_s=3&dl=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Deliver%20the%20Healing%20Power%20Of%20Music&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1634827272414&utt=3221&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=842289835.1634827272&tid=UA-3837893-1&_gid=1191980804.1634827272&cd1=6948&cd2=Classy%20Pay&cd3=1&cd4=p2p&cd5=102085&cd6=campaign&z=884951839

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 10:34:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14797
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 6ms
6ms Image
image/gif 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=732960445&t=timing&_s=4&dl=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Deliver%20the%20Healing%20Power%20Of%20Music&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1634827272414&utt=3327&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=842289835.1634827272&tid=UA-3837893-1&_gid=1191980804.1634827272&cd1=6948&cd2=Classy%20Pay&cd3=1&cd4=p2p&cd5=102085&cd6=campaign&z=177736397

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 10:34:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14797
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 6ms
6ms Image
image/gif 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=732960445&t=timing&_s=5&dl=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Deliver%20the%20Healing%20Power%20Of%20Music&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1634827272414&utt=4276&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=842289835.1634827272&tid=UA-3837893-1&_gid=1191980804.1634827272&cd1=6948&cd2=Classy%20Pay&cd3=1&cd4=p2p&cd5=102085&cd6=campaign&z=2144753459

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 10:34:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14797
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
258 B 351ms
106ms Image
image/gif 18.233.45.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1634827273057&hv=4.15.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.45.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-45-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:13 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v5/ 27 KB
27 KB 47ms
19ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v5/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.musiciansoncall.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 03:57:49 GMT
x-content-type-options: nosniff
age: 125004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27652
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 16:57:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 03:57:49 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v5/ 27 KB
27 KB 49ms
27ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v5/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.musiciansoncall.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 03:57:49 GMT
x-content-type-options: nosniff
age: 125004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27652
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 16:57:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 03:57:49 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v5/ 27 KB
27 KB 44ms
25ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v5/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.musiciansoncall.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 03:57:49 GMT
x-content-type-options: nosniff
age: 125004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27652
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 16:57:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 03:57:49 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v5/ 29 KB
29 KB 22ms
10ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v5/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

3e1808a9ace7385d348932f3772b932fae013838a7eccf665e0c3beb2373050c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.musiciansoncall.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 18:00:30 GMT
x-content-type-options: nosniff
age: 247243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29248
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 17:00:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 18 Oct 2022 18:00:30 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 185ms
10ms Script
application/javascript 69.16.175.42
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://donate.musiciansoncall.org/
Origin: https://donate.musiciansoncall.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1634827273.dop140.fr8.t,1634827273.cds276.fr8.hn,1634827273.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
417 B 180ms
17ms XHR
text/plain 142.251.5.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-3837893-1&cid=842289835.1634827272&jid=43071702&gjid=1691988095&_gid=1191980804.1634827272&_u=aGDACEAABAAAAC~&z=1589368433

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.musiciansoncall.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Oct 2021 14:41:13 GMT
content-type: text/plain
access-control-allow-origin: https://donate.musiciansoncall.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/9e457a67/www-widgetapi.vflset/ 143 KB
46 KB 46ms
14ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e457a67/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

007ae39c614f532fd0efffce182882893814be75637bd67a6eaeed98ab364402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 47516
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 00:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Oct 2022 14:38:48 GMT

GET
H/1.1 200
OK 67fe2a1b26 Show response
bam-cell.nr-data.net/1/ 49 B
715 B 1055ms
903ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/67fe2a1b26?a=363721230&v=1211.ba193a8&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=4438&ck=1&ref=https://donate.musiciansoncall.org/give/102085/&ap=208.444632&be=3316&fe=3543&dc=3541&tt=13fd00a6f5efd8&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1634827268705,%22n%22:0,%22f%22:2091,%22dn%22:2092,%22dne%22:2144,%22c%22:2144,%22s%22:2161,%22ce%22:2189,%22rq%22:2189,%22rp%22:2938,%22rpe%22:3221,%22dl%22:2941,%22di%22:3223,%22ds%22:3314,%22de%22:3314,%22dc%22:3314,%22l%22:3314,%22le%22:3327%7D,%22navigation%22:%7B%7D%7D&fp=4272&fcp=4272&jsonp=NREUM.setToken
Requested by: Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 21 Oct 2021 14:41:14 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6a1b3eda2f0d411a-PRG

GET
H2 200 m-outer-639174098ea8fe7fede6fa654790e8ec.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FB6E 1 KB
850 B 8ms
6ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 222
via: 1.1 varnish
x-cache: HIT
content-length: 645
x-amz-id-2: HRINMDo5ekrpPu+9c93OznX7/9MXrEUhKztx8Ee7Poreyst4Eimnr4m8JleIOvwa3DplG0S/OUs=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 21:45:00 GMT
server: AmazonS3
etag: "5213886b88cd72e6d0aebc89868e5d13"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: NHATZM9HJBMFEKS4
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 686

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v5/ 29 KB
29 KB 28ms
8ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v5/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

3e1808a9ace7385d348932f3772b932fae013838a7eccf665e0c3beb2373050c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.musiciansoncall.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 18:00:30 GMT
x-content-type-options: nosniff
age: 247243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29248
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 17:00:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 18 Oct 2022 18:00:30 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v5/ 27 KB
27 KB 30ms
10ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v5/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.musiciansoncall.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 03:57:49 GMT
x-content-type-options: nosniff
age: 125004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27652
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 16:57:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 03:57:49 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v5/ 27 KB
27 KB 33ms
13ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v5/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donate.musiciansoncall.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 03:57:49 GMT
x-content-type-options: nosniff
age: 125004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27652
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 16:57:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 03:57:49 GMT

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame 310A 319 KB
103 KB 8ms
8ms Document
text/html 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fdonate.musiciansoncall.org
Requested by: Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://donate.musiciansoncall.org/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 149980
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Oct 2021 14:41:13 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6724)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 4687 932 B
969 B 12ms
9ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: max-age=300, public
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Thu, 21 Oct 2021 14:41:13 GMT
via: 1.1 varnish
age: 40
x-served-by: cache-hhn4033-HHN
x-cache: HIT
x-cache-hits: 66
x-timer: S1634827273.305878,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 528

POST
H2 200 csp-report
q.stripe.com/ Frame 4687 0
121 B 821ms
169ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
x-envoy-upstream-service-time: 2
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
474 B 398ms
398ms XHR
application/json 104.18.132.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=5665&currency=EUR

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.132.60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30a9aa2305ee5d5bbf14458b165316cdbb9e25d64ae64387304f1485b8b3869c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://donate.musiciansoncall.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-classypay-requestid: 604fd457-3bd6-45e8-b24b-2e1025337d75
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6a1b3edb1e142794-PRG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: 9DkOocbQ9-kE6TI8isN87HBrXTqg1CecEUr3vs8cFv4AKDoYVGYC6Q==

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
donate.musiciansoncall.org/sso/ssobuild/js/ 34 KB
9 KB 524ms
524ms XHR
application/javascript 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.musiciansoncall.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a420d3aaef8542c2952614ab83b697fcb3d1c57c7728b3565876611b5f06ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
tracestate: 423787@nr=0-1-423787-363751183-49f91ff5127c7c37----1634827273455
accept-language: de-DE,de;q=0.9
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0OWY5MWZmNTEyN2M3YzM3IiwidHIiOiIwMTY4ZjcyNzE4NDExYzhjYTBlYWE4MjM3OGI3OTlmMCIsInRpIjoxNjM0ODI3MjczNDU1fX0=
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: connect.sid=s%3Anru4tAS1FIlPCNbJTVWBbvO2kxCQLD8e.ffzTZ3ecn2T3c0WWAuQyK%2BqlBkbSHKwcZkJN2eWgAE0; __cf_bm=kiKBbnQZOhBNiGkx9yVdDCz_5oVFg6xKBQ4FdmwW7_k-1634827271-0-AU0y7KFNEusKMvSGbatoGB6mZYqttkTi/XUXluBPmYZNsXqv+/Qt0MBlJs0cEEahSgf87EeDh/BNSfG0Ze42DYs=; __cfruid=ec3824f883a80ce4f6755ab43dfe075549eb0de7-1634827271; _ga=GA1.2.842289835.1634827272; _gid=GA1.2.1191980804.1634827272; _hp2_id.1566116007=%7B%22userId%22%3A%223069685772504978%22%2C%22pageviewId%22%3A%226619333494233268%22%2C%22sessionId%22%3A%224134829646254439%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; _hp2_ses_props.1566116007=%7B%22z%22%3A0%2C%22ts%22%3A1634827272953%2C%22d%22%3A%22donate.musiciansoncall.org%22%2C%22h%22%3A%22%2Fgive%2F102085%2F%22%2C%22t%22%3A%22Donate%20to%20Deliver%20the%20Healing%20Power%20Of%20Music%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%22%7D; _gat_classyTrack=1; _hp2_props.1566116007=%7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A6948%2C%22payment_processor%22%3A%22WePay%22%2C%22campaign%22%3A102085%2C%22campaign_type%22%3A%22p2p%22%2C%22duplicate_fundraisers%22%3Atrue%2C%22existing_fundraiser%22%3Afalse%7D; OptanonConsent=landingPath=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F%23!%2Fdonation%2Fcheckout&datestamp=Thu+Oct+21+2021+14%3A41%3A13+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true; CSRF-TOKEN=xOGEvaAX-c0U5QMTPTEvKYVAYMyE6cxycncM
:path: /sso/ssobuild/js/iframeResizer-6bb8ec1b02.js
pragma: no-cache
x-newrelic-id: UAQEVl5UGwAGV1ZQBgMEVg==
traceparent: 00-0168f72718411c8ca0eaa82378b799f0-49f91ff5127c7c37-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: donate.musiciansoncall.org
referer: https://donate.musiciansoncall.org/give/102085/
:scheme: https
sec-fetch-site: same-origin
:method: GET
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-49f91ff5127c7c37----1634827273455
traceparent: 00-0168f72718411c8ca0eaa82378b799f0-49f91ff5127c7c37-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0OWY5MWZmNTEyN2M3YzM3IiwidHIiOiIwMTY4ZjcyNzE4NDExYzhjYTBlYWE4MjM3OGI3OTlmMCIsInRpIjoxNjM0ODI3MjczNDU1fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://donate.musiciansoncall.org/give/102085/
X-Requested-With: XMLHttpRequest

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 19 Oct 2021 23:17:40 GMT
server: cloudflare
etag: W/"616f5214-893d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6a1b3edb3baa4119-PRG
expires: Fri, 21 Oct 2022 14:41:13 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 310A 232 B
448 B 683ms
193ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=5af34019f17e7202685daf8de09e8a9a598b3b83

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fdonate.musiciansoncall.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-response-time: 167
date: Thu, 21 Oct 2021 14:41:13 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 14:41:14 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: d56d0254bab78b71d1e13633c7070e671029d66e7990241005f614aa7bf101ff
content-length: 166

GET
H2 200 controller-287accd6b7470a9973a3b4c487ffb441.html Show response
js.stripe.com/v3/ Frame 7A79 349 B
637 B 13ms
13ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f45a8f6bde47253d6e514532b4dfc9d4e057e97e0ab02ad52a71dffa7026094c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-287accd6b7470a9973a3b4c487ffb441.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donate.musiciansoncall.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/

Response headers

x-amz-id-2: 5RbAsddBlfe0a1SKv9A1fL3g6ksteFm4+owbCWiw/gTExzJBNnZNpHHKTpPldS8tT7vzq5pcql8=
x-amz-request-id: VGRB4DQ5G29M92RY
last-modified: Tue, 19 Oct 2021 21:45:17 GMT
etag: "287accd6b7470a9973a3b4c487ffb441"
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Thu, 21 Oct 2021 14:41:13 GMT
via: 1.1 varnish
age: 14
x-served-by: cache-hhn4033-HHN
x-cache: HIT
x-cache-hits: 7
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control: max-age=60
content-length: 167

GET
H2 200 payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html Show response
js.stripe.com/v3/ Frame B0F3 434 B
625 B 25ms
24ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1858f39b193991a4cb9b2870748f23b4fd9e3f14be2d2d7b03d56df567c8d3c8

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://google.com/pay https://pay.google.com; default-src 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donate.musiciansoncall.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/

Response headers

x-amz-id-2: ywBMHbIGlGOpZBSTBXymOCtD2X899Q8lXTEOJWufzqp6YPxRdJns6zSTPcRl/lZM46I9DUyNVVQ=
x-amz-request-id: 3CKSHGQC0P8FFMQN
last-modified: Tue, 19 Oct 2021 21:45:18 GMT
etag: "ce18f638dc1b2c0c9af85b72e925afa5"
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Thu, 21 Oct 2021 14:41:14 GMT
via: 1.1 varnish
age: 146
x-served-by: cache-hhn4033-HHN
x-cache: HIT
x-cache-hits: 5
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://google.com/pay https://pay.google.com; default-src 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'
cache-control: max-age=60
content-length: 198

GET
H2 200 payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html Show response
js.stripe.com/v3/ Frame 2DFE 370 B
669 B 25ms
25ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

196db4067cb1f7a7a2308e58bcc022d6ed7f2e38052e70d02172d2bf6435cec1

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donate.musiciansoncall.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/

Response headers

x-amz-id-2: ZlVTXYsW7NRIcEKnDYpUhvMIFT5VTtw8FaxUi9QpemlsIFmB69QLNzeEBW0TBlpHA15jaKQHujo=
x-amz-request-id: J8H388P2GJFWBEAH
last-modified: Tue, 19 Oct 2021 21:45:17 GMT
etag: "019ea94eb2866906f02e2be0d2806e2d"
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Thu, 21 Oct 2021 14:41:14 GMT
via: 1.1 varnish
age: 97
x-served-by: cache-hhn4033-HHN
x-cache: HIT
x-cache-hits: 6
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control: max-age=60
content-length: 179

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
463 B 160ms
160ms XHR
application/json 104.18.132.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=5665&currency=EUR

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.132.60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://donate.musiciansoncall.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:13 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-classypay-requestid: 2b483838-e729-4420-9bd8-e1560273a2d6
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6a1b3edc68df2794-PRG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: SD8s6CkwS21kTcJXV7bh8hkfYSzkOgO-ctaZt5yEWzgk8gkcBWjDrQ==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=732960445&t=timing&_s=6&dl=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Deliver%20the%20Healing%20Power%20Of%20Music&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1634827272414&utt=5108&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=842289835.1634827272&tid=UA-3837893-1&_gid=1191980804.1634827272&cd1=6948&cd2=Classy%20Pay&cd3=1&cd4=p2p&cd5=102085&cd6=campaign&z=218144845

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 02:08:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45160
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controller-287accd6b7470a9973a3b4c487ffb441.html Show response
js.stripe.com/v3/ Frame 60B6 349 B
637 B 9ms
9ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f45a8f6bde47253d6e514532b4dfc9d4e057e97e0ab02ad52a71dffa7026094c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-287accd6b7470a9973a3b4c487ffb441.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donate.musiciansoncall.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/

Response headers

x-amz-id-2: 5RbAsddBlfe0a1SKv9A1fL3g6ksteFm4+owbCWiw/gTExzJBNnZNpHHKTpPldS8tT7vzq5pcql8=
x-amz-request-id: VGRB4DQ5G29M92RY
last-modified: Tue, 19 Oct 2021 21:45:17 GMT
etag: "287accd6b7470a9973a3b4c487ffb441"
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Thu, 21 Oct 2021 14:41:14 GMT
via: 1.1 varnish
age: 14
x-served-by: cache-hhn4033-HHN
x-cache: HIT
x-cache-hits: 8
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control: max-age=60
content-length: 167

GET
H2 200 payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html Show response
js.stripe.com/v3/ Frame A072 434 B
420 B 14ms
14ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1858f39b193991a4cb9b2870748f23b4fd9e3f14be2d2d7b03d56df567c8d3c8

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://google.com/pay https://pay.google.com; default-src 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donate.musiciansoncall.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/

Response headers

x-amz-id-2: ywBMHbIGlGOpZBSTBXymOCtD2X899Q8lXTEOJWufzqp6YPxRdJns6zSTPcRl/lZM46I9DUyNVVQ=
x-amz-request-id: 3CKSHGQC0P8FFMQN
last-modified: Tue, 19 Oct 2021 21:45:18 GMT
etag: "ce18f638dc1b2c0c9af85b72e925afa5"
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Thu, 21 Oct 2021 14:41:14 GMT
via: 1.1 varnish
age: 146
x-served-by: cache-hhn4033-HHN
x-cache: HIT
x-cache-hits: 6
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://google.com/pay https://pay.google.com; default-src 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'
cache-control: max-age=60
content-length: 198

GET
H2 200 payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html Show response
js.stripe.com/v3/ Frame AFF3 370 B
669 B 7ms
7ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

196db4067cb1f7a7a2308e58bcc022d6ed7f2e38052e70d02172d2bf6435cec1

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://donate.musiciansoncall.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/

Response headers

x-amz-id-2: ZlVTXYsW7NRIcEKnDYpUhvMIFT5VTtw8FaxUi9QpemlsIFmB69QLNzeEBW0TBlpHA15jaKQHujo=
x-amz-request-id: J8H388P2GJFWBEAH
last-modified: Tue, 19 Oct 2021 21:45:17 GMT
etag: "019ea94eb2866906f02e2be0d2806e2d"
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Thu, 21 Oct 2021 14:41:14 GMT
via: 1.1 varnish
age: 97
x-served-by: cache-hhn4033-HHN
x-cache: HIT
x-cache-hits: 7
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control: max-age=60
content-length: 179

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame 4687 85 KB
16 KB 9ms
8ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 45
x-cache: HIT
content-length: 15786
x-served-by: cache-hhn4033-HHN
server: Fastly
x-timer: S1634827274.054610,VS0,VE0
date: Thu, 21 Oct 2021 14:41:14 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 78

GET
H2 200 status Show response
donate.musiciansoncall.org/sso/ 89 B
1 KB 462ms
462ms XHR
application/javascript 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.musiciansoncall.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery33103804977050173757_1634827273452&_=1634827273453

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

59b4ad961c217b12c7b69f92171609ef05dbde3c5b275939f6513806774a19b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
tracestate: 423787@nr=0-1-423787-363751183-77cecab35dc55b28----1634827274073
accept-language: de-DE,de;q=0.9
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3N2NlY2FiMzVkYzU1YjI4IiwidHIiOiIxY2U2NTcwYjc4MGUzYTkzOTEzZjk4YThlY2U1NzZhMCIsInRpIjoxNjM0ODI3Mjc0MDczfX0=
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: connect.sid=s%3Anru4tAS1FIlPCNbJTVWBbvO2kxCQLD8e.ffzTZ3ecn2T3c0WWAuQyK%2BqlBkbSHKwcZkJN2eWgAE0; __cf_bm=kiKBbnQZOhBNiGkx9yVdDCz_5oVFg6xKBQ4FdmwW7_k-1634827271-0-AU0y7KFNEusKMvSGbatoGB6mZYqttkTi/XUXluBPmYZNsXqv+/Qt0MBlJs0cEEahSgf87EeDh/BNSfG0Ze42DYs=; __cfruid=ec3824f883a80ce4f6755ab43dfe075549eb0de7-1634827271; _ga=GA1.2.842289835.1634827272; _gid=GA1.2.1191980804.1634827272; _hp2_id.1566116007=%7B%22userId%22%3A%223069685772504978%22%2C%22pageviewId%22%3A%226619333494233268%22%2C%22sessionId%22%3A%224134829646254439%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; _gat_classyTrack=1; _hp2_props.1566116007=%7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A6948%2C%22payment_processor%22%3A%22WePay%22%2C%22campaign%22%3A102085%2C%22campaign_type%22%3A%22p2p%22%2C%22duplicate_fundraisers%22%3Atrue%2C%22existing_fundraiser%22%3Afalse%7D; OptanonConsent=landingPath=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F%23!%2Fdonation%2Fcheckout&datestamp=Thu+Oct+21+2021+14%3A41%3A13+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true; CSRF-TOKEN=xOGEvaAX-c0U5QMTPTEvKYVAYMyE6cxycncM; _hp2_ses_props.1566116007=%7B%22ts%22%3A1634827272953%2C%22d%22%3A%22donate.musiciansoncall.org%22%2C%22h%22%3A%22%2Fgive%2F102085%2F%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%22%7D
:path: /sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery33103804977050173757_1634827273452&_=1634827273453
pragma: no-cache
x-newrelic-id: UAQEVl5UGwAGV1ZQBgMEVg==
traceparent: 00-1ce6570b780e3a93913f98a8ece576a0-77cecab35dc55b28-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: donate.musiciansoncall.org
referer: https://donate.musiciansoncall.org/give/102085/
:scheme: https
sec-fetch-site: same-origin
:method: GET
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-77cecab35dc55b28----1634827274073
traceparent: 00-1ce6570b780e3a93913f98a8ece576a0-77cecab35dc55b28-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3N2NlY2FiMzVkYzU1YjI4IiwidHIiOiIxY2U2NTcwYjc4MGUzYTkzOTEzZjk4YThlY2U1NzZhMCIsInRpIjoxNjM0ODI3Mjc0MDczfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://donate.musiciansoncall.org/give/102085/
X-Requested-With: XMLHttpRequest

Response headers

cf-ray: 6a1b3edf0b8c4119-PRG
date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache
set-cookie: acceptCookies=eyJpdiI6ImF5b2ZaaGtmUk1wNkVtaFY4TmZoMGc9PSIsInZhbHVlIjoiVEllTVVSb0J5OTJFUWllZGJ5UFpFQT09IiwibWFjIjoiNzNkODI2M2VmODg3Yjg1ZDFmNTgzODM5Nzc0OTJiMmYyNmYxNDg2YjMxZDEyOGE0YzlmY2Q4ZWRhNmI4YjMzOCJ9; expires=Fri, 21-Oct-2022 14:41:14 GMT; Max-Age=31536000; path=/; SameSite=None; secure XSRF-TOKEN=eyJpdiI6IjRiU3pxelBoQVJ3SERidzBDTEtsMGc9PSIsInZhbHVlIjoiU1F6S1hhQ2d3aU9NZEZTeGRqcnBTdXZwd0JkRFcyM0l2SHZoK3FXenlyaFpUckxVc0tneGpjYTJIOU80WWhUVDI1TU5uM0Znb0dhRVwvbkxITHltMXh3PT0iLCJtYWMiOiIzODY1MmUyOTgxM2E1NDM3ZTdhMGFlZjM0ZmE3YzE0ZjY0NGY4MTMyZjEyMjQ3NmFlYWNhOWRhMzJiNjkxNGEzIn0%3D; expires=Thu, 21-Oct-2021 16:41:14 GMT; Max-Age=7200; path=/; SameSite=None; secure sid=eyJpdiI6Ilo2V1RZZHNQZUpqRkFLZFAwWEVJdWc9PSIsInZhbHVlIjoiTWFZWEwwQ0ljWkdKeGJzYmV1dDdseDllWXBsakdvaGsxakxXMlJZK2FZZEdvNlBkSUxwT05FdU5CMGdMSTRhTmtGN0tOb2VnVnNLODNkQll0UGRNNXc9PSIsIm1hYyI6ImM1MWZkZWRhNGI0NTNlMmE4MmQ5YTVlMzU0ZmJiZmE0NmRlOTc3YjNmNmE1NWI3MDFjN2JiN2Y4NWRjY2M5YjUifQ%3D%3D; path=/; SameSite=None; secure; httponly
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 shared-ba377655677fedb65f8e3b4fe6d23664.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7A79 189 KB
47 KB 20ms
20ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ba377655677fedb65f8e3b4fe6d23664.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

92efd21bec15ac78f255012fa628f23bf4ab9d66ed6e8c91ab22f960d6b15f1b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 54
via: 1.1 varnish
x-cache: HIT
content-length: 47713
x-amz-id-2: b7VUBZ/Z5m2kkmz/12DkIDekPAstXCyABbJwjuTvIF9u6EWDCJRzcFD6g4wpuVSAZR36u3sBGnc=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 21:45:07 GMT
server: AmazonS3
etag: "39566d350c9935e47f6bdfc4a646353a"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 45M56X7VDPMBPQF2
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 29

GET
H2 200 controller-689329b81a4ec36442242c74d6f7e785.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7A79 287 KB
74 KB 22ms
22ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-689329b81a4ec36442242c74d6f7e785.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7f30963d624b1125213209b260327c18887a6c3df00ca26de608660a28bf7147

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 144
via: 1.1 varnish
x-cache: HIT
content-length: 75956
x-amz-id-2: 47HPJBaIrnp8B10S+VF7Zr0GpWx6iBW5IwWLlSW54ih8gx2yOmAkX8cbiR7OpGTsdddWO6mHJdA=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 21:45:00 GMT
server: AmazonS3
etag: "49196ee91f6eaadf5c894614b0ed6e00"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: JFE923RTR7Y0G5BS
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 67

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame B0F3 95 KB
31 KB 142ms
65ms Script
application/javascript 142.251.5.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f92.1e100.net

Software

ESF /

Resource Hash

f31c0bfc01df8662eccc5031bc752871902dd60710eecc01cc7474ee0ccddd47

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-b8HytA1FrkHZJQZO4PK7VQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-b8HytA1FrkHZJQZO4PK7VQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-b8HytA1FrkHZJQZO4PK7VQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-b8HytA1FrkHZJQZO4PK7VQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
expires: Thu, 21 Oct 2021 14:41:14 GMT

GET
H2 200 shared-ba377655677fedb65f8e3b4fe6d23664.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B0F3 189 KB
47 KB 20ms
20ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ba377655677fedb65f8e3b4fe6d23664.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

92efd21bec15ac78f255012fa628f23bf4ab9d66ed6e8c91ab22f960d6b15f1b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 54
via: 1.1 varnish
x-cache: HIT
content-length: 47713
x-amz-id-2: b7VUBZ/Z5m2kkmz/12DkIDekPAstXCyABbJwjuTvIF9u6EWDCJRzcFD6g4wpuVSAZR36u3sBGnc=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 21:45:07 GMT
server: AmazonS3
etag: "39566d350c9935e47f6bdfc4a646353a"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 45M56X7VDPMBPQF2
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 30

GET
H2 200 payment-request-inner-google-pay-db7ec9ee9b6bdde09de06e0dd1295f5e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B0F3 13 KB
4 KB 19ms
19ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-db7ec9ee9b6bdde09de06e0dd1295f5e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

534ff11f9772b25fa99b794110ff7afa7db494f58823cf3f6753432c7e8defc6

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 45
via: 1.1 varnish
x-cache: HIT
content-length: 4354
x-amz-id-2: jtyC35P3qHTx0euEsxbdDUd6B4qq0j1cGGxhOXLrn9DHk+WZns1qD1oKT2TNar71+jtdiB99PxM=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 21:45:05 GMT
server: AmazonS3
etag: "cddcb315a946f417d5bd490169481641"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 2XV0C9Z1HMH5RR7P
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 2

GET
H2 200 shared-ba377655677fedb65f8e3b4fe6d23664.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2DFE 189 KB
47 KB 25ms
25ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ba377655677fedb65f8e3b4fe6d23664.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

92efd21bec15ac78f255012fa628f23bf4ab9d66ed6e8c91ab22f960d6b15f1b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 54
via: 1.1 varnish
x-cache: HIT
content-length: 47713
x-amz-id-2: b7VUBZ/Z5m2kkmz/12DkIDekPAstXCyABbJwjuTvIF9u6EWDCJRzcFD6g4wpuVSAZR36u3sBGnc=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 21:45:07 GMT
server: AmazonS3
etag: "39566d350c9935e47f6bdfc4a646353a"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 45M56X7VDPMBPQF2
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 31

GET
H2 200 payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2DFE 11 KB
4 KB 27ms
27ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

71a55578d53e666ef644669139972f47092d97114a67c8b251f155ef6c19c15d

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 23
via: 1.1 varnish
x-cache: HIT
content-length: 4063
x-amz-id-2: vXWfn8+q7L5htlo4CarsiMktntSffDMjc3cKqGNN8/26mAyABwFJJLTNK7XsPqG+Y9WA0MVvYw0=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 21:45:06 GMT
server: AmazonS3
etag: "10d818482d8e44820136b10d6f9b02e4"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: J8H8Z35G9GHVY1TS
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 3

GET
H2 200 shared-ba377655677fedb65f8e3b4fe6d23664.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 60B6 189 KB
47 KB 8ms
7ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ba377655677fedb65f8e3b4fe6d23664.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

92efd21bec15ac78f255012fa628f23bf4ab9d66ed6e8c91ab22f960d6b15f1b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 54
via: 1.1 varnish
x-cache: HIT
content-length: 47713
x-amz-id-2: b7VUBZ/Z5m2kkmz/12DkIDekPAstXCyABbJwjuTvIF9u6EWDCJRzcFD6g4wpuVSAZR36u3sBGnc=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 21:45:07 GMT
server: AmazonS3
etag: "39566d350c9935e47f6bdfc4a646353a"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 45M56X7VDPMBPQF2
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 32

GET
H2 200 controller-689329b81a4ec36442242c74d6f7e785.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 60B6 287 KB
74 KB 9ms
9ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-689329b81a4ec36442242c74d6f7e785.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7f30963d624b1125213209b260327c18887a6c3df00ca26de608660a28bf7147

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-287accd6b7470a9973a3b4c487ffb441.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 144
via: 1.1 varnish
x-cache: HIT
content-length: 75956
x-amz-id-2: 47HPJBaIrnp8B10S+VF7Zr0GpWx6iBW5IwWLlSW54ih8gx2yOmAkX8cbiR7OpGTsdddWO6mHJdA=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 21:45:00 GMT
server: AmazonS3
etag: "49196ee91f6eaadf5c894614b0ed6e00"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: JFE923RTR7Y0G5BS
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 68

GET
H3 200 pay.js Show response
pay.google.com/gp/p/js/ Frame A072 95 KB
30 KB 112ms
70ms Script
application/javascript 142.251.5.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f92.1e100.net

Software

ESF /

Resource Hash

f31c0bfc01df8662eccc5031bc752871902dd60710eecc01cc7474ee0ccddd47

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JsQNWf/wWEynx3KKq0N5/Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-JsQNWf/wWEynx3KKq0N5/Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-JsQNWf/wWEynx3KKq0N5/Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-JsQNWf/wWEynx3KKq0N5/Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:14 GMT

GET
H2 200 shared-ba377655677fedb65f8e3b4fe6d23664.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A072 189 KB
47 KB 21ms
20ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ba377655677fedb65f8e3b4fe6d23664.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

92efd21bec15ac78f255012fa628f23bf4ab9d66ed6e8c91ab22f960d6b15f1b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 54
via: 1.1 varnish
x-cache: HIT
content-length: 47713
x-amz-id-2: b7VUBZ/Z5m2kkmz/12DkIDekPAstXCyABbJwjuTvIF9u6EWDCJRzcFD6g4wpuVSAZR36u3sBGnc=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 21:45:07 GMT
server: AmazonS3
etag: "39566d350c9935e47f6bdfc4a646353a"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 45M56X7VDPMBPQF2
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 33

GET
H2 200 payment-request-inner-google-pay-db7ec9ee9b6bdde09de06e0dd1295f5e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A072 13 KB
4 KB 22ms
21ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-db7ec9ee9b6bdde09de06e0dd1295f5e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

534ff11f9772b25fa99b794110ff7afa7db494f58823cf3f6753432c7e8defc6

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-ce18f638dc1b2c0c9af85b72e925afa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 45
via: 1.1 varnish
x-cache: HIT
content-length: 4354
x-amz-id-2: jtyC35P3qHTx0euEsxbdDUd6B4qq0j1cGGxhOXLrn9DHk+WZns1qD1oKT2TNar71+jtdiB99PxM=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 21:45:05 GMT
server: AmazonS3
etag: "cddcb315a946f417d5bd490169481641"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 2XV0C9Z1HMH5RR7P
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 3

GET
H2 200 shared-ba377655677fedb65f8e3b4fe6d23664.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AFF3 189 KB
47 KB 23ms
23ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ba377655677fedb65f8e3b4fe6d23664.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

92efd21bec15ac78f255012fa628f23bf4ab9d66ed6e8c91ab22f960d6b15f1b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 54
via: 1.1 varnish
x-cache: HIT
content-length: 47713
x-amz-id-2: b7VUBZ/Z5m2kkmz/12DkIDekPAstXCyABbJwjuTvIF9u6EWDCJRzcFD6g4wpuVSAZR36u3sBGnc=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 21:45:07 GMT
server: AmazonS3
etag: "39566d350c9935e47f6bdfc4a646353a"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 45M56X7VDPMBPQF2
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 34

GET
H2 200 payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AFF3 11 KB
4 KB 29ms
28ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

71a55578d53e666ef644669139972f47092d97114a67c8b251f155ef6c19c15d

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-019ea94eb2866906f02e2be0d2806e2d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 23
via: 1.1 varnish
x-cache: HIT
content-length: 4063
x-amz-id-2: vXWfn8+q7L5htlo4CarsiMktntSffDMjc3cKqGNN8/26mAyABwFJJLTNK7XsPqG+Y9WA0MVvYw0=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Tue, 19 Oct 2021 21:45:06 GMT
server: AmazonS3
etag: "10d818482d8e44820136b10d6f9b02e4"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: J8H8Z35G9GHVY1TS
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 4

POST
H2 200 6 Show response
m.stripe.com/ Frame 4687 156 B
517 B 525ms
179ms XHR
text/plain 52.89.186.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.186.194 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-89-186-194.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

1a0ed24665a7233f6859e1724590970f171abc7480be91bedd85a8dd333534ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 0371 17 KB
7 KB 62ms
62ms Document
text/html 142.251.5.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f92.1e100.net

Software

ESF /

Resource Hash

ac38f17c1268eea70ef387cea5969c83e585a40b25f1a86b5405747662412705

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-sZ2KVqc8IBwGEX7lq2x7Cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-sZ2KVqc8IBwGEX7lq2x7Cg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pay.google.com
:scheme: https
:path: /gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=dm89uB3tVce8YZAkakx-h0KCd-kAbhqaweNUB2njA2zTvIrKJNQ4YotHTFP1KoOgI7AkKimRDjEa1uXBeE7IpWjIIKXNFlh5kqG4KWkvljf2jQhUaRjhOvMfKLnkcw61QGjOwLVgrUZLTaMSwPplyfGtWY-AGUPl1bz3i58sLrA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Thu, 21 Oct 2021 14:41:14 GMT
date: Thu, 21 Oct 2021 14:41:14 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-sZ2KVqc8IBwGEX7lq2x7Cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-sZ2KVqc8IBwGEX7lq2x7Cg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 0 Show response
r.stripe.com/ Frame 60B6 0
213 B 186ms
170ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ba377655677fedb65f8e3b4fe6d23664.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame B2D4 17 KB
7 KB 60ms
60ms Document
text/html 142.251.5.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f92.1e100.net

Software

ESF /

Resource Hash

ccb1c04f37789f8ef03282de0b14b1a78ab99dd5fc7ec7db5afad64160ff5900

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WVJp10sWnJOmic7+yfYdMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-WVJp10sWnJOmic7+yfYdMA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pay.google.com
:scheme: https
:path: /gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=dm89uB3tVce8YZAkakx-h0KCd-kAbhqaweNUB2njA2zTvIrKJNQ4YotHTFP1KoOgI7AkKimRDjEa1uXBeE7IpWjIIKXNFlh5kqG4KWkvljf2jQhUaRjhOvMfKLnkcw61QGjOwLVgrUZLTaMSwPplyfGtWY-AGUPl1bz3i58sLrA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Thu, 21 Oct 2021 14:41:14 GMT
date: Thu, 21 Oct 2021 14:41:14 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
content-security-policy: script-src 'report-sample' 'nonce-WVJp10sWnJOmic7+yfYdMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-WVJp10sWnJOmic7+yfYdMA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 0 Show response
r.stripe.com/ Frame 7A79 0
213 B 172ms
172ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ba377655677fedb65f8e3b4fe6d23664.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 0371 2 KB
2 KB 19ms
19ms Other
text/html 142.251.5.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.5.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wg-in-f92.1e100.net
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 117ms
117ms Image
image/gif 18.233.45.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3069685772504978&v=6619333494233268&s=4134829646254439&b=web&tv=4.0&sp=ts&sp=1634827272953&sp=d&sp=donate.musiciansoncall.org&sp=h&sp=%2Fgive%2F102085%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=donate.musiciansoncall.org&pp=h&pp=%2Fgive%2F102085%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=Donate%20to%20Deliver%20the%20Healing%20Power%20Of%20Music&pp=ts&pp=1634827272953&id0=3177475854747284&k0=environment&k0=prod&k0=organization_id&k0=6948&k0=payment_processor&k0=WePay&k0=campaign&k0=102085&k0=campaign_type&k0=p2p&k0=duplicate_fundraisers&k0=true&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fgive%2F102085%2F%23!%2Fdonation%2Fcheckout&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1634827274713&st=1634827274714

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.45.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-45-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:14 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H/1.1 200
OK 67fe2a1b26 Show response
bam-cell.nr-data.net/events/1/ 24 B
514 B 567ms
566ms XHR
image/gif 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1211.ba193a8&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=6028&ck=1&ref=https://donate.musiciansoncall.org/give/102085/
Requested by: Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://donate.musiciansoncall.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 21 Oct 2021 14:41:15 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://donate.musiciansoncall.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6a1b3ee31f97411a-PRG
Content-Length: 24

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
286 B 509ms
170ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.cross_frame_access&event_count=2&timestamp=1634827274740&event_id=a0e47141-4246-4764-9bf1-6556f8de54d5&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600&available=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
285 B 679ms
341ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=3&timestamp=1634827274741&event_id=3892f20a-21eb-46f5-9e0c-2cb20bf1da52&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
285 B 675ms
342ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.options&event_count=4&timestamp=1634827274742&event_id=f582a675-e1a0-4115-8ec7-1450f6ba617a&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600&options-country=US&options-currency=eur&options-requestPayerEmail=true&options-requestPayerName=true&usesButtonElement=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
285 B 509ms
178ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.query_strategy&event_count=5&timestamp=1634827274748&event_id=2a9afc3d-53c6-4b31-93fd-0c7a2be0a4eb&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600&queryStrategy=GOOGLE_PAY+BROWSER&usesButtonElement=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
285 B 671ms
341ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=6&timestamp=1634827274750&event_id=86579962-008e-4dda-bf0b-f6e56ce0eaba&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
285 B 506ms
178ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=7&timestamp=1634827274751&event_id=dd27bf9f-6b09-4669-b742-30b30ea3d494&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
285 B 664ms
341ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.can_make_payment&event_count=8&timestamp=1634827274755&event_id=0b80d861-f4b9-4849-9568-e6eda17b889c&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600&usesButtonElement=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
285 B 492ms
170ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=9&timestamp=1634827274757&event_id=a8dddbc7-b611-410b-b3e6-e1d313a01d72&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600&element=outer&dom_loading=850&dom_interactive=1132&dom_complete=1223&since_fetch=1499&load_count=1&load_before_dom_content_loaded=false&load_ready_state=complete&first_create_ready_state=complete&first_mount_readyState=complete&until_first_create=1700&until_first_mount=1708&until_first_load=2410&resource_timings-stripe.js-transfer_size=64776&resource_timings-stripe.js-duration=55&resource_timings-m-outer.html-transfer_size=441&resource_timings-m-outer.html-duration=628&resource_timings-controller.html-transfer_size=467&resource_timings-controller.html-duration=21&resource_timings-payment-request-inner-google-pay.html-transfer_size=498&resource_timings-payment-request-inner-google-pay.html-duration=43&resource_timings-payment-request-inner-browser.html-transfer_size=479&resource_timings-payment-request-inner-browser.html-duration=52

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
285 B 660ms
341ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=10&timestamp=1634827274759&event_id=991aeeb7-cf39-4553-a60e-481961edd1a8&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600&element=ControllerApp&dom_loading=115&dom_interactive=652&dom_complete=652&since_sjs_load=2349&since_stripe_create=650&since_create=650&mount_duration=642&since_fetch=632&load_count=1&match_frame=true&resource_timings-shared.js-transfer_size=48013&resource_timings-shared.js-duration=25&resource_timings-controller.js-transfer_size=76256&resource_timings-controller.js-duration=37

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 7A79 43 B
285 B 655ms
342ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.cross_frame_access&event_count=2&timestamp=1634827274766&event_id=72af8549-3906-4d2f-97c5-b4790ad76506&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274695&wrapper=unknown&es_module=false&frame_width=1600&available=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 7A79 43 B
285 B 490ms
177ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=3&timestamp=1634827274767&event_id=8a0d9fb3-f31a-400b-af93-bcc89c78e681&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274695&wrapper=unknown&es_module=false&frame_width=1600

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 7A79 43 B
285 B 651ms
340ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.options&event_count=4&timestamp=1634827274768&event_id=d8973aa8-4bac-4284-b4c7-2eb3a136dff2&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274695&wrapper=unknown&es_module=false&frame_width=1600&options-country=US&options-currency=eur&options-requestPayerEmail=true&options-requestPayerName=true&usesButtonElement=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 7A79 43 B
285 B 487ms
177ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.query_strategy&event_count=5&timestamp=1634827274769&event_id=4ba8113c-fe80-43ab-a528-779cb7d58a35&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274695&wrapper=unknown&es_module=false&frame_width=1600&queryStrategy=GOOGLE_PAY+BROWSER&usesButtonElement=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 7A79 43 B
285 B 652ms
343ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=6&timestamp=1634827274770&event_id=a5159f6d-14f6-4f85-bca3-51dbc4ff8925&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274695&wrapper=unknown&es_module=false&frame_width=1600

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 7A79 43 B
285 B 650ms
342ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=7&timestamp=1634827274771&event_id=3965a37d-b2ea-4ab2-a535-d540b4d0e289&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274695&wrapper=unknown&es_module=false&frame_width=1600

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 7A79 43 B
285 B 650ms
343ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.can_make_payment&event_count=8&timestamp=1634827274772&event_id=0bffe7a0-d2d4-4157-81e6-016bffd0e3cf&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274695&wrapper=unknown&es_module=false&frame_width=1600&usesButtonElement=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 7A79 43 B
285 B 476ms
171ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=9&timestamp=1634827274773&event_id=d6580455-c496-41cc-b71a-90aebd955f14&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274695&wrapper=unknown&es_module=false&frame_width=1600&element=ControllerApp&dom_loading=64&dom_interactive=710&dom_complete=710&since_sjs_load=2401&since_stripe_create=1097&since_create=1097&mount_duration=1079&since_fetch=708&load_count=1&match_frame=true&resource_timings-shared.js-transfer_size=48013&resource_timings-shared.js-duration=26&resource_timings-controller.js-transfer_size=76256&resource_timings-controller.js-duration=27

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame B2D4 2 KB
2 KB 13ms
13ms Other
text/html 142.251.5.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.5.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wg-in-f92.1e100.net
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 21 Oct 2021 14:41:14 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=732960445&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F&dp=%2Fgive%2F102085%2F%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=1714379091&gjid=1800299251&cid=842289835.1634827272&tid=UA-49011314-1&_gid=1191980804.1634827272&_r=1&_slc=1&z=1264650546

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.musiciansoncall.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.musiciansoncall.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=732960445&t=pageview&_s=7&dl=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F&dp=%2Fgive%2F102085%2F%23!%2Fdonation%2Fcheckout&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=842289835.1634827272&tid=UA-3837893-1&_gid=1191980804.1634827272&cd1=6948&cd2=Classy%20Pay&cd3=1&cd4=p2p&cd5=102085&cd6=campaign&z=859409816

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 02:08:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45161
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMi... Frame 0371 147 KB
52 KB 50ms
8ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

29c849a3c90f94815c3a02949f28d0c060ce8c619426001e30d8f5ac0d009d62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 52562
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 03:22:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 14 Oct 2022 16:27:07 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 43ms
21ms XHR
text/plain 142.251.5.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-49011314-1&cid=842289835.1634827272&jid=1714379091&gjid=1800299251&_gid=1191980804.1634827272&_u=aGDACEABBAAAAC~&z=106890006

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.musiciansoncall.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Oct 2021 14:41:14 GMT
content-type: text/plain
access-control-allow-origin: https://donate.musiciansoncall.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMi... Frame B2D4 147 KB
51 KB 39ms
15ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

29c849a3c90f94815c3a02949f28d0c060ce8c619426001e30d8f5ac0d009d62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 52562
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 03:22:47 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 14 Oct 2022 16:27:07 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame B2D4 36 KB
13 KB 60ms
34ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

f9b8ec26fc043fd956a63a4b4a0eca99247a40f607ec10c08707b17920f977e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13472
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 21:24:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 14 Oct 2022 16:28:12 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame 0371 36 KB
13 KB 51ms
33ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

f9b8ec26fc043fd956a63a4b4a0eca99247a40f607ec10c08707b17920f977e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13472
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 21:24:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 14 Oct 2022 16:28:12 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame B2D4 71 KB
26 KB 36ms
23ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

9451801ef20bde4320e1aba58002349f0fbf2fa7c6d45d761fb8b64146129f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 26715
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 21:24:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 14 Oct 2022 16:28:12 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame 0371 71 KB
26 KB 23ms
15ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

9451801ef20bde4320e1aba58002349f0fbf2fa7c6d45d761fb8b64146129f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 26715
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 21:24:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 14 Oct 2022 16:28:12 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame B2D4 49 KB
19 KB 26ms
25ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 6858
date: Thu, 21 Oct 2021 12:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Thu, 21 Oct 2021 14:46:57 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame B2D4 1 MB
338 KB 91ms
89ms XHR
text/html 142.251.5.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f92.1e100.net

Software

ESF /

Resource Hash

c07cf25bc2bbb013dfa920eb0b863f4fa50408d2d0f4c6f0758543fab2017544

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-/SRZQPwNTXF8ejEsBqfJDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-/SRZQPwNTXF8ejEsBqfJDA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date: Thu, 21 Oct 2021 14:41:15 GMT
x-frame-options: DENY
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-/SRZQPwNTXF8ejEsBqfJDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-/SRZQPwNTXF8ejEsBqfJDA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Thu, 21 Oct 2021 14:41:15 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0371 49 KB
19 KB 8ms
7ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 6858
date: Thu, 21 Oct 2021 12:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Thu, 21 Oct 2021 14:46:57 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 0371 1 MB
338 KB 64ms
64ms XHR
text/html 142.251.5.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.5.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f92.1e100.net

Software

ESF /

Resource Hash

1579a53e56f54e8975fb251ac72482b60e70fcf9ff7d8889c61b74b91f5a229f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-vmFaxSJAEfu7hIeJujg4wQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-vmFaxSJAEfu7hIeJujg4wQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date: Thu, 21 Oct 2021 14:41:15 GMT
x-frame-options: DENY
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-vmFaxSJAEfu7hIeJujg4wQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-vmFaxSJAEfu7hIeJujg4wQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Thu, 21 Oct 2021 14:41:15 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 85ms
41ms Preflight
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 21 Oct 2021 14:41:15 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Thu, 21 Oct 2021 14:41:15 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 0371 131 B
155 B 82ms
43ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:15 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0371 131 B
155 B 85ms
46ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:15 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 70ms
41ms Preflight
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 21 Oct 2021 14:41:15 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Thu, 21 Oct 2021 14:41:15 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 0371 131 B
155 B 79ms
40ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:15 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 54ms
41ms Preflight
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 21 Oct 2021 14:41:15 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Thu, 21 Oct 2021 14:41:15 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 0371 131 B
155 B 84ms
44ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:15 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 44ms
41ms Preflight
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 21 Oct 2021 14:41:15 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Thu, 21 Oct 2021 14:41:15 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 0371 131 B
155 B 45ms
42ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:15 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame 0371 17 KB
7 KB 45ms
45ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

3b487fbb021abfdd71c1d35ad4fe3527fcc7980f913c4365007a15c3a2f3a42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 03:39:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7269
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 21:24:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 21 Oct 2022 03:39:27 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame 0371 8 KB
3 KB 43ms
40ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

f77913119c0f685476cccef435562099303302c2b96c2435b3e230df70498327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3306
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 21:24:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 14 Oct 2022 16:28:17 GMT

POST
H3 200 log Show response
play.google.com/ Frame B2D4 131 B
155 B 53ms
53ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:15 GMT

POST
H3 200 log Show response
play.google.com/ Frame B2D4 131 B
155 B 55ms
54ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:15 GMT

POST
H3 200 log Show response
play.google.com/ Frame B2D4 131 B
155 B 54ms
53ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:15 GMT

POST
H3 200 log Show response
play.google.com/ Frame B2D4 131 B
155 B 54ms
54ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:15 GMT

POST
H3 200 log Show response
play.google.com/ Frame B2D4 131 B
155 B 53ms
53ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:15 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame B2D4 17 KB
7 KB 13ms
13ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

3b487fbb021abfdd71c1d35ad4fe3527fcc7980f913c4365007a15c3a2f3a42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 03:39:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7269
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 21:24:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 21 Oct 2022 03:39:27 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame B2D4 8 KB
3 KB 15ms
15ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

f77913119c0f685476cccef435562099303302c2b96c2435b3e230df70498327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3306
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 21:24:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Fri, 14 Oct 2022 16:28:17 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 47ms
46ms Preflight
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 21 Oct 2021 14:41:15 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Thu, 21 Oct 2021 14:41:15 GMT
cache-control: private

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 98ms
60ms Preflight
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 21 Oct 2021 14:41:15 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Thu, 21 Oct 2021 14:41:15 GMT
cache-control: private

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 90ms
60ms Preflight
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 21 Oct 2021 14:41:15 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Thu, 21 Oct 2021 14:41:15 GMT
cache-control: private

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 74ms
60ms Preflight
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 21 Oct 2021 14:41:15 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Thu, 21 Oct 2021 14:41:15 GMT
cache-control: private

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 56ms
56ms Preflight
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 21 Oct 2021 14:41:15 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Thu, 21 Oct 2021 14:41:15 GMT
cache-control: private

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 48ms
48ms Preflight
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 21 Oct 2021 14:41:15 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Thu, 21 Oct 2021 14:41:15 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 0371 131 B
155 B 52ms
50ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:15 GMT

GET
H2 200 /
q.stripe.com/ Frame 7A79 43 B
285 B 164ms
164ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.google_pay.activity_mode&event_count=10&timestamp=1634827275375&event_id=c25197c0-2323-4cec-a806-e294ba34d093&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274695&wrapper=unknown&es_module=false&frame_width=1600&activityModeName=POPUP&activityMode=2&backingLibrary=GOOGLE_PAY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 53ms
53ms Preflight
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 21 Oct 2021 14:41:15 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Thu, 21 Oct 2021 14:41:15 GMT
cache-control: private

GET
H2 200 /
q.stripe.com/ Frame 7A79 43 B
285 B 164ms
164ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.google_pay.can_make_payment_native_response&event_count=11&timestamp=1634827275376&event_id=94e53a63-a6e2-40ab-973b-edc614ba798a&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274695&wrapper=unknown&es_module=false&frame_width=1600&available=false&backingLibrary=GOOGLE_PAY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H3 200 log Show response
play.google.com/ Frame B2D4 131 B
155 B 46ms
45ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:15 GMT

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
285 B 174ms
164ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.google_pay.activity_mode&event_count=11&timestamp=1634827275388&event_id=ebc7518b-7f05-4c58-91e4-af333e821f7e&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600&activityModeName=POPUP&activityMode=2&backingLibrary=GOOGLE_PAY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
285 B 167ms
164ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.google_pay.can_make_payment_native_response&event_count=12&timestamp=1634827275388&event_id=f3a629db-0445-4dd4-a485-39d2648ae653&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600&available=false&backingLibrary=GOOGLE_PAY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 58ms
50ms Preflight
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 21 Oct 2021 14:41:15 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Thu, 21 Oct 2021 14:41:15 GMT
cache-control: private

GET
H2 200 /
q.stripe.com/ Frame 7A79 43 B
285 B 167ms
165ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.error.pr.browser.can_make_payment_rate_limited&event_count=12&timestamp=1634827275398&event_id=27b6c7f1-4c66-4ce9-a31f-25272f3251f0&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274695&wrapper=unknown&es_module=false&frame_width=1600&error-stack=Error%3A+Failed+to+execute+%27hasEnrolledInstrument%27+on+%27PaymentRequest%27%3A+Cannot+query+payment+request%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fpayment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js%3A1%3A10038%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-ba%3Csanitized%3Efedb65f8e3b4fe6d23664.js%3A1%3A77020%0A++++at+Array.forEach+(%3Canonymous%3E)%0A++++at+t._emit+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-ba%3Csanitized%3Efedb65f8e3b4fe6d23664.js%3A1%3A76997)%0A++++at+e.value+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-ba%3Csanitized%3Efedb65f8e3b4fe6d23664.js%3A1%3A55291)%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-ba%3Csanitized%3Efedb65f8e3b4fe6d23664.js%3A1%3A83889%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-ba%3Csanitized%3Efedb65f8e3b4fe6d23664.js%3A1%3A79374%0A++++at+new+Promise+(%3Canonymous%3E)%0A++++at+t.a._respondUsingPromise+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-ba%3Csanitized%3Efedb65f8e3b4fe6d23664.js%3A1%3A79346)%0A++++at+t.value+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-ba%3Csanitized%3Efedb65f8e3b4fe6d23664.js%3A1%3A83813)&backingLibrary=BROWSER

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 7A79 43 B
285 B 167ms
166ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.error.payreq.can_make_payment_rate_limited&event_count=13&timestamp=1634827275399&event_id=9d71255f-93d0-4867-987b-868c979948af&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274695&wrapper=unknown&es_module=false&frame_width=1600&message=Failed+to+execute+%27hasEnrolledInstrument%27+on+%27PaymentRequest%27%3A+Cannot+query+payment+request&impl=prapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
285 B 167ms
165ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.error.pr.browser.can_make_payment_rate_limited&event_count=13&timestamp=1634827275401&event_id=bf2d76fd-3b71-4118-b7e8-98c38c636211&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600&error-stack=Error%3A+Failed+to+execute+%27hasEnrolledInstrument%27+on+%27PaymentRequest%27%3A+Cannot+query+payment+request%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fpayment-request-inner-browser-f2a776258b5d03fabd63ccb663dcf89a.js%3A1%3A10038%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-ba%3Csanitized%3Efedb65f8e3b4fe6d23664.js%3A1%3A77020%0A++++at+Array.forEach+(%3Canonymous%3E)%0A++++at+t._emit+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-ba%3Csanitized%3Efedb65f8e3b4fe6d23664.js%3A1%3A76997)%0A++++at+e.value+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-ba%3Csanitized%3Efedb65f8e3b4fe6d23664.js%3A1%3A55291)%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-ba%3Csanitized%3Efedb65f8e3b4fe6d23664.js%3A1%3A83889%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-ba%3Csanitized%3Efedb65f8e3b4fe6d23664.js%3A1%3A79374%0A++++at+new+Promise+(%3Canonymous%3E)%0A++++at+t.a._respondUsingPromise+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-ba%3Csanitized%3Efedb65f8e3b4fe6d23664.js%3A1%3A79346)%0A++++at+t.value+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-ba%3Csanitized%3Efedb65f8e3b4fe6d23664.js%3A1%3A83813)&backingLibrary=BROWSER

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
285 B 167ms
165ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.error.payreq.can_make_payment_rate_limited&event_count=14&timestamp=1634827275401&event_id=bb1ca7d1-dbfa-4d81-a6fd-c26990814478&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600&message=Failed+to+execute+%27hasEnrolledInstrument%27+on+%27PaymentRequest%27%3A+Cannot+query+payment+request&impl=prapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 135ms
112ms Image
image/gif 18.233.45.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3069685772504978&v=6619333494233268&s=4134829646254439&b=web&tv=4.0&sp=ts&sp=1634827272953&sp=d&sp=donate.musiciansoncall.org&sp=h&sp=%2Fgive%2F102085%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=donate.musiciansoncall.org&pp=h&pp=%2Fgive%2F102085%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=Donate%20to%20Deliver%20the%20Healing%20Power%20Of%20Music&pp=ts&pp=1634827272953&id0=7718943060868810&k0=environment&k0=prod&k0=organization_id&k0=6948&k0=payment_processor&k0=WePay&k0=campaign&k0=102085&k0=campaign_type&k0=p2p&k0=duplicate_fundraisers&k0=true&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1634827275404&st=1634827275405

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.45.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-45-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 130ms
109ms Image
image/gif 18.233.45.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=3069685772504978&v=6619333494233268&s=4134829646254439&b=web&tv=4.0&sp=ts&sp=1634827272953&sp=d&sp=donate.musiciansoncall.org&sp=h&sp=%2Fgive%2F102085%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout&pp=d&pp=donate.musiciansoncall.org&pp=h&pp=%2Fgive%2F102085%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout&pp=t&pp=Donate%20to%20Deliver%20the%20Healing%20Power%20Of%20Music&pp=ts&pp=1634827272953&id0=3603727930978550&k0=environment&k0=prod&k0=organization_id&k0=6948&k0=payment_processor&k0=WePay&k0=campaign&k0=102085&k0=campaign_type&k0=p2p&k0=duplicate_fundraisers&k0=true&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1634827275405&st=1634827275405

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.233.45.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-45-176.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 GooglePay-logo.svg
donate.musiciansoncall.org/static/global/images/digitalWallets/ 3 KB
1 KB 454ms
433ms Image
image/svg+xml 104.18.113.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.musiciansoncall.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

:path: /static/global/images/digitalWallets/GooglePay-logo.svg
pragma: no-cache
cookie: connect.sid=s%3Anru4tAS1FIlPCNbJTVWBbvO2kxCQLD8e.ffzTZ3ecn2T3c0WWAuQyK%2BqlBkbSHKwcZkJN2eWgAE0; __cf_bm=kiKBbnQZOhBNiGkx9yVdDCz_5oVFg6xKBQ4FdmwW7_k-1634827271-0-AU0y7KFNEusKMvSGbatoGB6mZYqttkTi/XUXluBPmYZNsXqv+/Qt0MBlJs0cEEahSgf87EeDh/BNSfG0Ze42DYs=; __cfruid=ec3824f883a80ce4f6755ab43dfe075549eb0de7-1634827271; _ga=GA1.2.842289835.1634827272; _gid=GA1.2.1191980804.1634827272; _hp2_id.1566116007=%7B%22userId%22%3A%223069685772504978%22%2C%22pageviewId%22%3A%226619333494233268%22%2C%22sessionId%22%3A%224134829646254439%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; _gat_classyTrack=1; _hp2_props.1566116007=%7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A6948%2C%22payment_processor%22%3A%22WePay%22%2C%22campaign%22%3A102085%2C%22campaign_type%22%3A%22p2p%22%2C%22duplicate_fundraisers%22%3Atrue%2C%22existing_fundraiser%22%3Afalse%7D; OptanonConsent=landingPath=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F%23!%2Fdonation%2Fcheckout&datestamp=Thu+Oct+21+2021+14%3A41%3A13+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true; CSRF-TOKEN=xOGEvaAX-c0U5QMTPTEvKYVAYMyE6cxycncM; _hp2_ses_props.1566116007=%7B%22ts%22%3A1634827272953%2C%22d%22%3A%22donate.musiciansoncall.org%22%2C%22h%22%3A%22%2Fgive%2F102085%2F%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%22%7D; acceptCookies=eyJpdiI6ImF5b2ZaaGtmUk1wNkVtaFY4TmZoMGc9PSIsInZhbHVlIjoiVEllTVVSb0J5OTJFUWllZGJ5UFpFQT09IiwibWFjIjoiNzNkODI2M2VmODg3Yjg1ZDFmNTgzODM5Nzc0OTJiMmYyNmYxNDg2YjMxZDEyOGE0YzlmY2Q4ZWRhNmI4YjMzOCJ9; XSRF-TOKEN=eyJpdiI6IjRiU3pxelBoQVJ3SERidzBDTEtsMGc9PSIsInZhbHVlIjoiU1F6S1hhQ2d3aU9NZEZTeGRqcnBTdXZwd0JkRFcyM0l2SHZoK3FXenlyaFpUckxVc0tneGpjYTJIOU80WWhUVDI1TU5uM0Znb0dhRVwvbkxITHltMXh3PT0iLCJtYWMiOiIzODY1MmUyOTgxM2E1NDM3ZTdhMGFlZjM0ZmE3YzE0ZjY0NGY4MTMyZjEyMjQ3NmFlYWNhOWRhMzJiNjkxNGEzIn0%3D; sid=eyJpdiI6Ilo2V1RZZHNQZUpqRkFLZFAwWEVJdWc9PSIsInZhbHVlIjoiTWFZWEwwQ0ljWkdKeGJzYmV1dDdseDllWXBsakdvaGsxakxXMlJZK2FZZEdvNlBkSUxwT05FdU5CMGdMSTRhTmtGN0tOb2VnVnNLODNkQll0UGRNNXc9PSIsIm1hYyI6ImM1MWZkZWRhNGI0NTNlMmE4MmQ5YTVlMzU0ZmJiZmE0NmRlOTc3YjNmNmE1NWI3MDFjN2JiN2Y4NWRjY2M5YjUifQ%3D%3D; _gat_clientTrack=1; __stripe_mid=98b5295a-f280-474b-a2e7-7e3ea27654688c6a69; __stripe_sid=c787a999-09b9-4fd6-a06d-7fdca9e2a6155c5e2f
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: donate.musiciansoncall.org
referer: https://donate.musiciansoncall.org/give/102085/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/give/102085/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 21 Oct 2021 00:38:06 GMT
server: cloudflare
etag: W/"6170b66e-b41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6a1b3ee79fac4119-PRG
expires: Fri, 21 Oct 2022 14:41:15 GMT

GET
H2 200 /
q.stripe.com/ Frame 7A79 43 B
285 B 187ms
166ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.can_make_payment_response&event_count=14&timestamp=1634827275416&event_id=98c9af37-616e-4648-a60e-40be1bfb5b55&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274695&wrapper=unknown&es_module=false&frame_width=1600&response-applePay=false&response-googlePay=false&cached=false&duration=1751&activeBackingLibrary=BROWSER&usesButtonElement=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
285 B 187ms
167ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.can_make_payment_response&event_count=15&timestamp=1634827275419&event_id=f14c49b8-5e98-480d-8715-f518d97997c1&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600&response-applePay=false&response-googlePay=false&cached=false&duration=1392&activeBackingLibrary=BROWSER&usesButtonElement=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:15 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H3 200 log Show response
play.google.com/ Frame 0371 131 B
155 B 48ms
46ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:15 GMT

POST
H3 200 log Show response
play.google.com/ Frame B2D4 131 B
155 B 43ms
42ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Oct 2021 14:41:15 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
expires: Thu, 21 Oct 2021 14:41:15 GMT

GET
H2 200 trusted-types-checker-25950ee9e6b53643799ec5466dd44bbf.js Show response
js.stripe.com/v3/fingerprinted/js/ 172 B
663 B 14ms
14ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-25950ee9e6b53643799ec5466dd44bbf.js

Requested by

Host: donate.musiciansoncall.org
URL: https://donate.musiciansoncall.org/give/102085/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c90da1bd322828d6ee667cc821d86fcc853c693978bfac087402f33811f1632

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://donate.musiciansoncall.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 14:41:19 GMT
content-encoding: br
vary: Accept-Encoding
age: 216
via: 1.1 varnish
x-cache: HIT
content-length: 118
x-amz-id-2: Ca1zBnTke9U89f47IjBADQL7gVPdj6t3edkZWUDWTDfOircsuZPSfIdrDbwqVFN0L2tiI4qj1Zk=
x-served-by: cache-hhn4033-HHN
timing-allow-origin: *
last-modified: Fri, 15 Oct 2021 17:23:20 GMT
server: AmazonS3
etag: "931a6e0547274c0226d0f8b3f94a3fb8"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: H1PZ42WKM969YWTP
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 33

GET
H2 200 /
q.stripe.com/ Frame 60B6 43 B
285 B 168ms
167ms Image
image/gif 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.trusted_types_check&event_count=16&timestamp=1634827279749&event_id=0a618443-78bb-4c30-a89b-b7826441fd21&os=Windows&browserFamily=Chrome&version=7338eae82&key=pk_live_h5ocNWNpicLCfBJvLialXsb900SaJnJscz&referrer=https%3A%2F%2Fdonate.musiciansoncall.org&stripe_js_id=a1b122be-b545-497c-8921-978c9fcea9cb&controller_load_time=1634827274644&wrapper=unknown&es_module=false&frame_width=1600&result=ALLOWED

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Oct 2021 14:41:19 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go.musiciansoncall.org/	1970-01-20 03:12:24	Name: visitor_id185902 Value: 357601395
go.musiciansoncall.org/	1970-01-20 03:12:24	Name: visitor_id185902-hash Value: adda7d86ad81f63a7c082f9ef996cddd787f35c68864ff1feffd598306749b0902d6396ee8af099838a9d9b30bfc26816b720b3b
donate.musiciansoncall.org/	1970-02-07 20:13:50	Name: connect.sid Value: s%3Anru4tAS1FIlPCNbJTVWBbvO2kxCQLD8e.ffzTZ3ecn2T3c0WWAuQyK%2BqlBkbSHKwcZkJN2eWgAE0
.donate.musiciansoncall.org/	1970-01-19 22:07:09	Name: __cf_bm Value: kiKBbnQZOhBNiGkx9yVdDCz_5oVFg6xKBQ4FdmwW7_k-1634827271-0-AU0y7KFNEusKMvSGbatoGB6mZYqttkTi/XUXluBPmYZNsXqv+/Qt0MBlJs0cEEahSgf87EeDh/BNSfG0Ze42DYs=
.donate.musiciansoncall.org/	1969-12-31 23:59:59	Name: __cfruid Value: ec3824f883a80ce4f6755ab43dfe075549eb0de7-1634827271
.classy.org/	1970-01-19 22:07:09	Name: __cf_bm Value: k6p8xnEUhpdOX07ZbJCu6kefhlC.zOsOBx8ZH1lrhj0-1634827271-0-ARkGmMq7v8TEPD1jw10REkUEFO+uELlC/ePFMhRKTcfd4o0qtOgKwAI6szSvtsJ1hLfiC8DsnnN2DDLldlCQxUA=
.musiciansoncall.org/	1970-01-20 15:38:19	Name: _ga Value: GA1.2.842289835.1634827272
.musiciansoncall.org/	1970-01-19 22:08:33	Name: _gid Value: GA1.2.1191980804.1634827272
.musiciansoncall.org/	1970-01-20 07:35:04	Name: _hp2_id.1566116007 Value: %7B%22userId%22%3A%223069685772504978%22%2C%22pageviewId%22%3A%226619333494233268%22%2C%22sessionId%22%3A%224134829646254439%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: YmCaO-rzjqA
.youtube.com/	1970-01-20 02:26:19	Name: VISITOR_INFO1_LIVE Value: NRYToibaK-g
.musiciansoncall.org/	1970-01-19 22:07:07	Name: _gat_classyTrack Value: 1
.musiciansoncall.org/	1970-01-20 07:35:04	Name: _hp2_props.1566116007 Value: %7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A6948%2C%22payment_processor%22%3A%22WePay%22%2C%22campaign%22%3A102085%2C%22campaign_type%22%3A%22p2p%22%2C%22duplicate_fundraisers%22%3Atrue%2C%22existing_fundraiser%22%3Afalse%7D
.donate.musiciansoncall.org/	1970-01-20 06:52:43	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fdonate.musiciansoncall.org%2Fgive%2F102085%2F%23!%2Fdonation%2Fcheckout&datestamp=Thu+Oct+21+2021+14%3A41%3A13+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true
donate.musiciansoncall.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: xOGEvaAX-c0U5QMTPTEvKYVAYMyE6cxycncM
.musiciansoncall.org/	1970-01-19 22:07:09	Name: _hp2_ses_props.1566116007 Value: %7B%22ts%22%3A1634827272953%2C%22d%22%3A%22donate.musiciansoncall.org%22%2C%22h%22%3A%22%2Fgive%2F102085%2F%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%22%7D
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: dfd2da581a600291
.google.com/	1970-01-20 02:30:38	Name: NID Value: 511=dm89uB3tVce8YZAkakx-h0KCd-kAbhqaweNUB2njA2zTvIrKJNQ4YotHTFP1KoOgI7AkKimRDjEa1uXBeE7IpWjIIKXNFlh5kqG4KWkvljf2jQhUaRjhOvMfKLnkcw61QGjOwLVgrUZLTaMSwPplyfGtWY-AGUPl1bz3i58sLrA
donate.musiciansoncall.org/	1970-01-20 06:52:43	Name: acceptCookies Value: eyJpdiI6ImF5b2ZaaGtmUk1wNkVtaFY4TmZoMGc9PSIsInZhbHVlIjoiVEllTVVSb0J5OTJFUWllZGJ5UFpFQT09IiwibWFjIjoiNzNkODI2M2VmODg3Yjg1ZDFmNTgzODM5Nzc0OTJiMmYyNmYxNDg2YjMxZDEyOGE0YzlmY2Q4ZWRhNmI4YjMzOCJ9
donate.musiciansoncall.org/	1970-01-19 22:07:14	Name: XSRF-TOKEN Value: eyJpdiI6IjRiU3pxelBoQVJ3SERidzBDTEtsMGc9PSIsInZhbHVlIjoiU1F6S1hhQ2d3aU9NZEZTeGRqcnBTdXZwd0JkRFcyM0l2SHZoK3FXenlyaFpUckxVc0tneGpjYTJIOU80WWhUVDI1TU5uM0Znb0dhRVwvbkxITHltMXh3PT0iLCJtYWMiOiIzODY1MmUyOTgxM2E1NDM3ZTdhMGFlZjM0ZmE3YzE0ZjY0NGY4MTMyZjEyMjQ3NmFlYWNhOWRhMzJiNjkxNGEzIn0%3D
donate.musiciansoncall.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6Ilo2V1RZZHNQZUpqRkFLZFAwWEVJdWc9PSIsInZhbHVlIjoiTWFZWEwwQ0ljWkdKeGJzYmV1dDdseDllWXBsakdvaGsxakxXMlJZK2FZZEdvNlBkSUxwT05FdU5CMGdMSTRhTmtGN0tOb2VnVnNLODNkQll0UGRNNXc9PSIsIm1hYyI6ImM1MWZkZWRhNGI0NTNlMmE4MmQ5YTVlMzU0ZmJiZmE0NmRlOTc3YjNmNmE1NWI3MDFjN2JiN2Y4NWRjY2M5YjUifQ%3D%3D
.musiciansoncall.org/	1970-01-19 22:07:07	Name: _gat_clientTrack Value: 1
m.stripe.com/	1970-01-20 15:38:19	Name: m Value: 8542d895-b667-4439-beb4-eda0514d328669c9d7
.donate.musiciansoncall.org/	1970-01-20 06:52:43	Name: __stripe_mid Value: 98b5295a-f280-474b-a2e7-7e3ea27654688c6a69
.donate.musiciansoncall.org/	1970-01-19 22:07:09	Name: __stripe_sid Value: c787a999-09b9-4fd6-a06d-7fdca9e2a6155c5e2f

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.classy.org
bam-cell.nr-data.net
cdn.heapanalytics.com
cdn.plaid.com
code.jquery.com
donate.musiciansoncall.org
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
go.musiciansoncall.org
heapanalytics.com
htp.tokenex.com
js-agent.newrelic.com
js.stripe.com
m.stripe.com
m.stripe.network
pay.classy.org
pay.google.com
platform.twitter.com
play.google.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
sessions.bugsnag.com
static.cloudflareinsights.com
stats.g.doubleclick.net
syndication.twitter.com
unpkg.com
www.google-analytics.com
www.googleadservices.com
www.gstatic.com
www.musiciansoncall.org
www.youtube.com
104.16.125.175
104.16.95.65
104.18.113.21
104.18.132.60
104.20.185.68
104.244.42.72
104.26.6.212
13.32.121.24
13.32.121.98
142.250.185.110
142.250.185.131
142.250.185.78
142.250.186.138
142.250.186.98
142.250.186.99
142.251.5.154
142.251.5.92
151.101.0.176
151.101.66.137
162.247.243.147
18.233.45.176
192.229.233.25
35.174.78.146
35.190.88.7
52.143.247.24
52.89.186.194
54.187.119.242
69.16.175.42
007ae39c614f532fd0efffce182882893814be75637bd67a6eaeed98ab364402
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
00a6e2908bf71a728e79bc62a2181ef87e6bd172bb94bfc0f64ecc3c9da2ffc9
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ee9c45ae2075e9ee4438a02c2c453d32524a069e845dc8c9693fdc9bdffb3ea
1579a53e56f54e8975fb251ac72482b60e70fcf9ff7d8889c61b74b91f5a229f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1858f39b193991a4cb9b2870748f23b4fd9e3f14be2d2d7b03d56df567c8d3c8
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
196db4067cb1f7a7a2308e58bcc022d6ed7f2e38052e70d02172d2bf6435cec1
1a0ed24665a7233f6859e1724590970f171abc7480be91bedd85a8dd333534ca
272d71624a8d4634901f0260580882a059268ff037cc12302b283a9710756c2a
29c849a3c90f94815c3a02949f28d0c060ce8c619426001e30d8f5ac0d009d62
2a420d3aaef8542c2952614ab83b697fcb3d1c57c7728b3565876611b5f06ef7
2c224dfa203e28003da563e5269c9d67724e053ab7c87b2581b1b6ed22b05499
30a9aa2305ee5d5bbf14458b165316cdbb9e25d64ae64387304f1485b8b3869c
33ee267763985a483e766006308c74e6afa3d561ac5b23ac58b7ef2a2e55eacc
36286d64f60cdcb37980e4da0bccd1e83307ac50684bb728062a0818d318c4ea
3b487fbb021abfdd71c1d35ad4fe3527fcc7980f913c4365007a15c3a2f3a42f
3dabdbe3a4f5451758d432c460871d8f28f6bbf597e0fdba6d719c7c4bf3c344
3e1808a9ace7385d348932f3772b932fae013838a7eccf665e0c3beb2373050c
43df012ff9a102b8238cd0e4c785c964dc75a1013a51935a6bfc4f92f937b5c3
48e76017a2ab32ab6c81dd6a2042fae71c48dc4d7103f8691078eb880936b742
4be775cb06140d026745fe8470ed67f2aad290d5231d9b4d953f0a4fdfe52316
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
534ff11f9772b25fa99b794110ff7afa7db494f58823cf3f6753432c7e8defc6
539877722caad874241ab2ec930b7b4aaa5327a34984b64ad813f8a2998bb862
59b4ad961c217b12c7b69f92171609ef05dbde3c5b275939f6513806774a19b4
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71a55578d53e666ef644669139972f47092d97114a67c8b251f155ef6c19c15d
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7c90da1bd322828d6ee667cc821d86fcc853c693978bfac087402f33811f1632
7cd97e407ef3a10d8dab1fe7e58823622a0bfa68bc2834e10959bf016e0d27ab
7f30963d624b1125213209b260327c18887a6c3df00ca26de608660a28bf7147
810c4ec2fd4b4ac9ca638fbebd651512e2d13a6e4f1aecb461d43ce06f391130
832acca5fc6fb4913e0b5251b1604bed3dd22add852920f4c842877236cac694
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f6d4d42ce91b959f80096cea1ad8fa46f2d3ef590c1b764bab78afcad3eb10
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
92efd21bec15ac78f255012fa628f23bf4ab9d66ed6e8c91ab22f960d6b15f1b
9451801ef20bde4320e1aba58002349f0fbf2fa7c6d45d761fb8b64146129f80
987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
a09a6f5b78f835770f0cee60fa45b72273c42b48e77b0b3522b341cad4cb12eb
ac38f17c1268eea70ef387cea5969c83e585a40b25f1a86b5405747662412705
ac68c0a722c1870b04eccfe8a38159e095bcbc9754a3a34e87b3f01281c937d8
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb
b6b3ab64e6c700fc97fb3d6e4f9dfd88a0b0a9ca92493c0687187cc1c3fb4e80
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440
c07cf25bc2bbb013dfa920eb0b863f4fa50408d2d0f4c6f0758543fab2017544
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
ccb1c04f37789f8ef03282de0b14b1a78ab99dd5fc7ec7db5afad64160ff5900
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
dc8579028e6c99023b053237372924e8d9b433250c9bab706f4995ef6d3a4c44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea0ccf3eab05a27a83fdc3a0c60ede70d4d2f18bf8be6cbdcc221d43ad5686ec
ee3f8d2e72aef50d6016628c295c916f66da901d2bcc4f47aff9454b1f2850b2
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
f31c0bfc01df8662eccc5031bc752871902dd60710eecc01cc7474ee0ccddd47
f45a8f6bde47253d6e514532b4dfc9d4e057e97e0ab02ad52a71dffa7026094c
f77913119c0f685476cccef435562099303302c2b96c2435b3e230df70498327
f7de06663940d33071e6643ed3afdbf433d9758d00469e9e9bdf2cde46677742
f9b8ec26fc043fd956a63a4b4a0eca99247a40f607ec10c08707b17920f977e5
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

donate.musiciansoncall.org Open in urlscan Pro 104.18.113.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

174 Requests

100 %HTTPS

0 %IPv6

22 Domains

33 Subdomains

26 IPs

1 Countries

4259 kBTransfer

12233 kBSize

25 Cookies

7 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

donate.musiciansoncall.org Open in urlscan Pro
104.18.113.21 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

100 %
HTTPS

0 %
IPv6

22
Domains

33
Subdomains

26
IPs

1
Countries

4259 kB
Transfer

12233 kB
Size

25
Cookies

174 HTTP transactions
0 data transactions